From f96147e922762a0ffcb391059ef2c21abfd3dbf6 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Thu, 6 Dec 2012 00:38:03 +0100 Subject: Updating the translations for the 1.9.3 release --- src/man/po/br.po | 1212 +++---- src/man/po/ca.po | 1229 +++---- src/man/po/cs.po | 1210 +++---- src/man/po/es.po | 1212 +++---- src/man/po/eu.po | 1210 +++---- src/man/po/fr.po | 1452 ++++---- src/man/po/ja.po | 1261 +++---- src/man/po/lv.po | 8278 ++++++++++++++++++++++++++++++++++++++++++++++ src/man/po/nl.po | 1212 +++---- src/man/po/po4a.cfg | 2 +- src/man/po/pt.po | 1212 +++---- src/man/po/ru.po | 1210 +++---- src/man/po/sssd-docs.pot | 1186 +++---- src/man/po/tg.po | 1210 +++---- src/man/po/uk.po | 1242 +++---- 15 files changed, 16855 insertions(+), 7483 deletions(-) create mode 100644 src/man/po/lv.po (limited to 'src/man') diff --git a/src/man/po/br.po b/src/man/po/br.po index 5136bebdc..84b750858 100644 --- a/src/man/po/br.po +++ b/src/man/po/br.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" "PO-Revision-Date: 2012-10-05 17:53+0000\n" "Last-Translator: jhrozek \n" "Language-Team: Breton (http://www.transifex.com/projects/p/fedora/language/" @@ -206,7 +206,7 @@ msgid "The [sssd] section" msgstr "Ar rann [sssd]" #. type: Content of: -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "Arventennoù ar rann" @@ -243,19 +243,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "Dre ziouer : 3" @@ -274,7 +274,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "re_expression (neudennad)" @@ -294,7 +294,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "full_name_format (neudennad)" @@ -377,32 +377,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -412,15 +391,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -438,12 +417,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "RANNOÙ SERVIJOÙ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -452,80 +431,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "Dre ziouer : true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -535,23 +514,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -631,7 +631,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "Dre ziouer : 15" @@ -873,100 +873,101 @@ msgstr "" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -974,59 +975,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "Dre zoiuer : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1034,7 +1035,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1043,17 +1044,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1061,115 +1062,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "Dre ziouer : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1181,7 +1182,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1192,24 +1193,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1217,12 +1218,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1231,24 +1232,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "RANNOÙ DOMANI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1257,39 +1258,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1299,14 +1300,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1315,122 +1316,122 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1439,17 +1440,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1458,33 +1459,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1492,8 +1493,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1502,8 +1503,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1511,19 +1512,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1532,19 +1533,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1552,7 +1553,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1560,30 +1561,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1591,19 +1592,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1612,24 +1613,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1637,7 +1638,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1645,35 +1646,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1681,22 +1682,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1704,7 +1706,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1712,31 +1714,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1744,28 +1746,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1773,7 +1770,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1781,24 +1778,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1806,19 +1803,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1827,29 +1824,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -1857,7 +1854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -1865,14 +1862,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -1880,59 +1877,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1940,56 +1937,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -1998,30 +1995,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2029,29 +2026,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2059,19 +2056,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2079,73 +2076,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2153,17 +2150,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2172,17 +2169,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2190,17 +2187,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2208,18 +2205,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2249,7 +2246,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2290,7 +2287,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "" @@ -3022,8 +3019,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "" @@ -3038,7 +3035,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "" @@ -3226,7 +3223,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" @@ -3486,7 +3483,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "" @@ -3759,53 +3756,75 @@ msgstr "" #: sssd-ldap.5.xml:1418 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +#, fuzzy +#| msgid "full_name_format (string)" +msgid "ldap_sasl_realm (string)" +msgstr "full_name_format (neudennad)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3813,27 +3832,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -3845,7 +3864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -3853,7 +3872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -3861,53 +3880,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -3915,32 +3934,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -3949,56 +3973,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4009,12 +4033,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4023,14 +4047,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4039,24 +4063,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4064,19 +4088,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4085,7 +4109,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4093,7 +4117,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4102,89 +4126,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4201,213 +4225,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4415,106 +4439,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4523,76 +4547,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4601,46 +4625,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4648,43 +4672,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4692,7 +4716,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4700,7 +4724,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4714,19 +4738,19 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5029,7 +5053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5040,12 +5064,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5053,7 +5085,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5105,25 +5137,33 @@ msgid "" "provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5133,87 +5173,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5221,86 +5261,86 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -5308,12 +5348,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -5321,17 +5361,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -5340,313 +5380,345 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5654,7 +5726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5792,7 +5864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5800,7 +5872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" diff --git a/src/man/po/ca.po b/src/man/po/ca.po index 7c9ffd89a..d22dbbfa9 100644 --- a/src/man/po/ca.po +++ b/src/man/po/ca.po @@ -8,9 +8,9 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" "PO-Revision-Date: 2012-10-08 11:08+0000\n" -"Last-Translator: muzzol <muzzol@gmail.com>\n" +"Last-Translator: muzzol mussol <muzzol@gmail.com>\n" "Language-Team: Catalan <fedora@llistes.softcatala.org>\n" "Language: ca\n" "MIME-Version: 1.0\n" @@ -228,7 +228,7 @@ msgid "The [sssd] section" msgstr "La secció [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "Paràmetres de la secció" @@ -269,12 +269,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -283,7 +283,7 @@ msgstr "" "caiguda del Proveïdor de Dades o reiniciar abans de donar-se per vençuts" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "Per defecte: 3" @@ -306,7 +306,7 @@ msgstr "" "que es va preguntar la llista de dominis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -326,7 +326,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" @@ -422,32 +422,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "Per defecte: 60" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -457,15 +436,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -489,12 +468,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "SECCIONS DE SERVEIS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -507,80 +486,80 @@ msgstr "" "quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "Opcions de configuració del servei general" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "Aquestes opcions es poden utilitzar per a configurar qualsevol servei." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "debug_level (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "Afegir una marca de temps als missatges de depuració" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "Per defecte: true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "Per defecte: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "timeout (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "Per defecte: 10" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -590,23 +569,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "Per defecte: 60" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -707,7 +707,7 @@ msgstr "" "altra vegada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "Per defecte: 15" @@ -951,52 +951,53 @@ msgstr "" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "Per defecte: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "Opcions de configuració de PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1005,12 +1006,12 @@ msgstr "" "Authentication Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1020,17 +1021,17 @@ msgstr "" "de sessió)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1039,12 +1040,12 @@ msgstr "" "fallits es permet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1054,7 +1055,7 @@ msgstr "" "possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1062,17 +1063,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "Per defecte: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1081,43 +1082,43 @@ msgstr "" "autenticació. Com més gran sigui el nombre més missatges es mostren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "L'Sssd suporta actualment els següents valors:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostris cap missatge" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: Mostra només missatges importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: Mostra missatges informatius" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: Mostra tots els missatges i informació de depuració" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "Per defecte: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (Enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1129,7 +1130,7 @@ msgstr "" "l'última informació." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1143,17 +1144,17 @@ msgstr "" "proveïdor d'identitat." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1161,115 +1162,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "Per defecte: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1281,7 +1282,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1292,24 +1293,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1317,12 +1318,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1331,17 +1332,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "SECCIONS DE DOMINI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (Enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1350,7 +1351,7 @@ msgstr "" "fora d'aquests límits, s'ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1363,17 +1364,17 @@ msgstr "" "com s'esperava." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Per defecte: 1 per a min_id, 0 (sense límit) per a max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "enumerate (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1382,22 +1383,22 @@ msgstr "" "valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Els usuaris i grups s'enumeren" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Cap enumeració per a aquest domini" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "Per defecte: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1413,7 +1414,7 @@ msgstr "" "d'enumeració." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1423,7 +1424,7 @@ msgstr "" "finalitzi." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1437,12 +1438,12 @@ msgstr "" "ús." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (Enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1451,112 +1452,112 @@ msgstr "" "demanar al rerefons una altra vegada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "Per defecte: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Determina si les credencials d'usuari també són emmagatzemades en la memòria " "cau local de LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (Enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1569,17 +1570,17 @@ msgstr "" "ha de ser superior o igual a offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1588,33 +1589,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "proxy: donar suport a un proveïdor NSS antic" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1622,8 +1623,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1632,8 +1633,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1641,19 +1642,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1666,12 +1667,12 @@ msgstr "" "trobaria l'usuari mentre que <command>getent passwd test@LOCAL</command> si." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -1680,7 +1681,7 @@ msgstr "" "d'autenticació suportats són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1691,7 +1692,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1702,7 +1703,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -1710,12 +1711,12 @@ msgstr "" "de PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> impossibilita l'autenticació explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -1724,12 +1725,12 @@ msgstr "" "gestionar les sol·licituds d'autenticació." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1740,19 +1741,19 @@ msgstr "" "instal·lats) Els proveïdors especials interns són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> sempre denega l'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1765,17 +1766,17 @@ msgstr "" "configuració del mòdul d'accés simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "Per defecte: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "chpass_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -1784,7 +1785,7 @@ msgstr "" "al domini. Els proveïdors de canvi de contrasenya compatibles són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1796,7 +1797,7 @@ msgstr "" "configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1807,7 +1808,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -1815,12 +1816,12 @@ msgstr "" "objectiu de PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> rebutja els canvis de contrasenya explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -1829,17 +1830,17 @@ msgstr "" "gestionar peticions de canvi de contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1847,22 +1848,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1870,7 +1872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1878,31 +1880,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 +#, fuzzy +#| msgid "" +#| "The provider which should handle change password operations for the " +#| "domain. Supported change password providers are:" msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" +"El proveïdor que hauria de gestionar les operacions de canvi contrasenya per " +"al domini. Els proveïdors de canvi de contrasenya compatibles són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1910,28 +1918,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "Per defecte: none" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1939,7 +1942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1947,24 +1950,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1972,19 +1975,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1993,29 +1996,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2026,7 +2029,7 @@ msgstr "" "quote> , el domini tot el que ve després\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2034,7 +2037,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -2043,7 +2046,7 @@ msgstr "" "sintaxi Python (?P <name>) a l'etiqueta subpatterns." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -2051,17 +2054,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Per defecte: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -2070,42 +2073,42 @@ msgstr "" "realitzar cerques de DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "Valors admesos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta resoldre l'adreça IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Intenta resoldre només noms màquina a adreces IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta resoldre l'adreça IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Intenta resoldre només noms màquina a adreces IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "Per defecte: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2116,12 +2119,12 @@ msgstr "" "aquest temps d'espera, el domini seguirà operant en el mode fora de línia." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -2130,44 +2133,44 @@ msgstr "" "del domini de la consulta DNS del servei de descobriment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "Per defecte: Utilitza la part del domini del nom de màquina" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2176,30 +2179,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2210,17 +2213,17 @@ msgstr "" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "El servidor intermediari on re-envia PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -2229,12 +2232,12 @@ msgstr "" "de pam existent o crear-ne una de nova i afegir aquí el nom del servei." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2245,7 +2248,7 @@ msgstr "" "$(libName)_$(function), per exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -2254,12 +2257,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "La secció de domini local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2270,29 +2273,29 @@ msgstr "" "<replaceable>id_provider = local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "L'intèrpret d'ordres per defecte per als usuaris creats amb eines SSSD " "d'espai d'usuari." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "Per defecte: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2301,46 +2304,46 @@ msgstr "" "replaceable> i utilitzen això com el directori d'usuari." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "Per defecte: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "create_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "Per defecte: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "remove_homedir (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "homedir_umask (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2351,17 +2354,17 @@ msgstr "" "defecte en un directori personal acabat de crear." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "Per defecte: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2374,17 +2377,17 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "Per defecte: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2395,17 +2398,17 @@ msgstr "" "s'especifica, s'utilitzarà un valor per defecte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "Per defecte: <filename>/var/correu</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2416,18 +2419,18 @@ msgstr "" "té en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "Per defecte: Cap, no s'executa cap comanda" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2482,7 +2485,7 @@ msgstr "" "\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2540,7 +2543,7 @@ msgstr "" "informació sobre l'ús d'LDAP com un proveïdor d'accés." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "OPCIONS DE CONFIGURACIÓ" @@ -3323,8 +3326,8 @@ msgstr "L'atribut LDAP que correspon al nom complet de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "Per defecte: cn" @@ -3339,7 +3342,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "L'atribut LDAP que llista la pertanença a grups de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "Per defecte: memberOf" @@ -3535,7 +3538,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" @@ -3805,7 +3808,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "" @@ -4104,60 +4107,87 @@ msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1418 +#, fuzzy +#| msgid "" +#| "Specify the SASL authorization id to use. When GSSAPI is used, this " +#| "represents the Kerberos principal used for authentication to the " +#| "directory." msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" "Especifica l'identificador d'autorització SASL a utilitzar. Quan s'utilitza " "GSSAPI, això representa el principal Kerberos usat per autenticar al " "directori." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_realm (string)" +msgstr "ldap_sasl_mech (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Especifica el fitxer keytab a utilitzar quan s'utilitza SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Per defecte: Fitxer keytab de sistema, normalment <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4168,27 +4198,27 @@ msgstr "" "seleccionat és GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Especifica el temps de vida en segons de la TGT si s'utilitza GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "Per defecte: 86400 (24 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4200,7 +4230,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4211,7 +4241,7 @@ msgstr "" "retorna a _tcp si no se'n troba cap." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4223,41 +4253,41 @@ msgstr "" "<quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Especifica l'àmbit KERBEROS (per a autenticació SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Per defecte: Paràmetres predeterminats del sistema, vegeu <filename>/etc/" "krb5.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4266,7 +4296,7 @@ msgstr "" "costat del client. S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -4275,7 +4305,7 @@ msgstr "" "opció no inhabilita les polítiques de contrasenya de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4283,7 +4313,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4294,19 +4324,24 @@ msgstr "" "chpass_provider=krb5 per actualitzar aquests atributs quan es canvia la " "contrasenya." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "Per defecte: none" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguiment automàtic del referenciador s'hauria d'habilitar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -4315,7 +4350,7 @@ msgstr "" "quan és compilat amb la versió d'OpenLDAP 2.4.13 o superior." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4324,29 +4359,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nom de servei per utilitzar quan està habilitada la detecció " "de serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "Per defecte: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -4355,30 +4390,30 @@ msgstr "" "permet canvis de contrasenya quan està habilitada la detecció de serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Defecte: no definit, és a dir, el descobriment de serveis està inhabilitat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4389,12 +4424,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "Exemple:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4406,7 +4441,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." @@ -4415,7 +4450,7 @@ msgstr "" "membres del grup d'ldap \"allowedusers\"." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4428,17 +4463,17 @@ msgstr "" "concedint accés en estar fora de línia i viceversa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "Per defecte: Buit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -4447,7 +4482,7 @@ msgstr "" "d'atributs de control d'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4459,12 +4494,12 @@ msgstr "" "contrasenya és correcta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -4473,7 +4508,7 @@ msgstr "" "determinar si el compte ha caducat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4482,7 +4517,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4490,7 +4525,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4499,29 +4534,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Llista separada per comes d'opcions de control d'accés. Els valors permesos " "són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: utilitza ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -4530,17 +4565,17 @@ msgstr "" "authorizedService per determinar l'accés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "Per defecte: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -4549,12 +4584,12 @@ msgstr "" "s'utilitza més d'una vegada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -4563,13 +4598,13 @@ msgstr "" "cerca. S'admeten les opcions següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: les referències dels àlies mai són eliminades." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -4579,7 +4614,7 @@ msgstr "" "de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -4588,7 +4623,7 @@ msgstr "" "només en localitzar l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -4597,7 +4632,7 @@ msgstr "" "en la recerca i en la localització de l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4622,213 +4657,213 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4836,106 +4871,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4944,76 +4979,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5022,46 +5057,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "OPCIONS AVANÇADES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -5069,43 +5104,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5116,7 +5151,7 @@ msgstr "" "sabeu el que estau fent. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5127,7 +5162,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5149,19 +5184,19 @@ msgstr "" " enumerate = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5424,7 +5459,7 @@ msgstr "" "control d'accés per <citerefentry><refentrytitle>sssd</refentrytitle> " "<manvolnum>8</manvolnum></citerefentry>. Per una referència detallada de la " "sintaxi, aneu a la secció de <quote>FORMAT DE FITXER</quote> de la pàgina " -"del manual de <citerefentry><refentrytitle>sssd.conf</refentrytitle> " +"del manual <citerefentry>de <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> @@ -5522,7 +5557,7 @@ msgstr "" "locals." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5530,13 +5565,21 @@ msgid "" "domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" "Consulteu la secció <quote>SECCIONS DE DOMINI</quote> de la pàgina del " -"manual d' <citerefentry><refentrytitle>sssd.conf</refentrytitle> " +"manual <citerefentry>d' <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum></citerefentry> per a més informació sobre la " "configuració d'un domini SSSD. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" @@ -5544,7 +5587,7 @@ msgstr "" "defineixen alhora simple_allow_users i simple_deny_users." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5556,7 +5599,7 @@ msgstr "" "específiques del proveïdor." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5622,13 +5665,21 @@ msgid "" "provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "ipa_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." @@ -5637,12 +5688,12 @@ msgstr "" "s'utilitza el nom de domini de la configuració." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5652,12 +5703,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "ipa_hostname (cadeba)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." @@ -5666,12 +5717,12 @@ msgstr "" "complet utilitzat en el domini d'IPA per identificar aquest amfitrió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "ipa_dyndns_update (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." @@ -5680,19 +5731,19 @@ msgstr "" "servidor DNS integrat dins FreeIPA v2 amb l'adreça d'IP d'aquest client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "ipa_dyndns_iface (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." @@ -5702,44 +5753,44 @@ msgstr "" "de DNS dinàmiques." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "Per defecte: Utilitzar l'adreça IP de la connexió LDAP d'IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5747,58 +5798,58 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Per defecte: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "krb5_validate (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." @@ -5807,7 +5858,7 @@ msgstr "" "suplantada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5816,21 +5867,21 @@ msgstr "" "proveïdor Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -5838,12 +5889,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -5851,17 +5902,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -5870,313 +5921,345 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6188,7 +6271,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -6330,7 +6413,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6338,7 +6421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" diff --git a/src/man/po/cs.po b/src/man/po/cs.po index cbc3dc3de..7e2d1a547 100644 --- a/src/man/po/cs.po +++ b/src/man/po/cs.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" "PO-Revision-Date: 2012-05-22 13:44+0000\n" "Last-Translator: sgallagh <sgallagh@redhat.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/fedora/language/" @@ -201,7 +201,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "" @@ -238,19 +238,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "" @@ -269,7 +269,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "" @@ -289,7 +289,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "" @@ -372,32 +372,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -407,15 +386,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -433,12 +412,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -447,80 +426,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -530,23 +509,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -626,7 +626,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "" @@ -868,100 +868,101 @@ msgstr "" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -969,59 +970,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1029,7 +1030,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1038,17 +1039,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1056,115 +1057,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1176,7 +1177,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1187,24 +1188,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1212,12 +1213,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1226,24 +1227,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1252,39 +1253,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1294,14 +1295,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1310,122 +1311,122 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1434,17 +1435,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1453,33 +1454,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1487,8 +1488,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1497,8 +1498,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1506,19 +1507,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1527,19 +1528,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1547,7 +1548,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1555,30 +1556,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1586,19 +1587,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1607,24 +1608,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1632,7 +1633,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1640,35 +1641,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1676,22 +1677,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1699,7 +1701,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1707,31 +1709,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1739,28 +1741,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1768,7 +1765,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1776,24 +1773,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1801,19 +1798,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1822,29 +1819,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -1852,7 +1849,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -1860,14 +1857,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -1875,59 +1872,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1935,56 +1932,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -1993,30 +1990,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2024,29 +2021,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2054,19 +2051,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2074,73 +2071,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2148,17 +2145,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2167,17 +2164,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2185,17 +2182,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2203,18 +2200,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2244,7 +2241,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2285,7 +2282,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "" @@ -3017,8 +3014,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "" @@ -3033,7 +3030,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "" @@ -3221,7 +3218,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" @@ -3481,7 +3478,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "" @@ -3754,53 +3751,73 @@ msgstr "" #: sssd-ldap.5.xml:1418 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +msgid "ldap_sasl_realm (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3808,27 +3825,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -3840,7 +3857,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -3848,7 +3865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -3856,53 +3873,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -3910,32 +3927,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -3944,56 +3966,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4004,12 +4026,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4018,14 +4040,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4034,24 +4056,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4059,19 +4081,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4080,7 +4102,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4088,7 +4110,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4097,89 +4119,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4196,213 +4218,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4410,106 +4432,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4518,76 +4540,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4596,46 +4618,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4643,43 +4665,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4687,7 +4709,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4695,7 +4717,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4709,19 +4731,19 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5026,7 +5048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5037,12 +5059,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5050,7 +5080,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5102,25 +5132,33 @@ msgid "" "provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5130,87 +5168,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5218,86 +5256,86 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -5305,12 +5343,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -5318,17 +5356,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -5337,313 +5375,345 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5651,7 +5721,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5789,7 +5859,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5797,7 +5867,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" diff --git a/src/man/po/es.po b/src/man/po/es.po index 7492a0408..204c2c81d 100644 --- a/src/man/po/es.po +++ b/src/man/po/es.po @@ -11,7 +11,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" "PO-Revision-Date: 2012-10-05 17:53+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Spanish <trans-es@lists.fedoraproject.org>\n" @@ -234,7 +234,7 @@ msgid "The [sssd] section" msgstr "La sección [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "Parámetros de sección" @@ -275,12 +275,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -289,7 +289,7 @@ msgstr "" "de datos del proveedor, o de reiniciarse antes de abandonar" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "Predeterminado: 3" @@ -313,7 +313,7 @@ msgstr "" "consultados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "re_expression (cadena)" @@ -333,7 +333,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" @@ -430,32 +430,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "Predeterminado: 60" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -465,15 +444,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -491,12 +470,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "SECCIONES DE SERVICIOS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -509,80 +488,80 @@ msgstr "" "<quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "Opciones de configuración de servicios generales" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "Estas opciones pueden usarse para configurar cualquier servicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "debug_level (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "Agregar una marca de tiempo a los mensajes de depuración" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "Predeterminado: true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "Agregar microsegundos a la marca de tiempo en mensajes de depuración" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "Predeterminado: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "Predeterminado: 10" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -592,23 +571,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "Predeterminado: 60" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -690,7 +690,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "Predeterminado: 15" @@ -932,52 +932,53 @@ msgstr "" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "Predeterminado: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "Opciones de configuración PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -986,48 +987,48 @@ msgstr "" "Authentication Module (PAM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "Predeterminado: 0 (Sin límite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1035,61 +1036,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "Predeterminado: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "Actualmente sssd soporta los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostrar ningún mensaje" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: mostrar sólo mensajes importantes" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: mostrar mensajes informativos" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: mostrar todos los mensajes e información de " "depuración" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "Predeterminado: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1097,7 +1098,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1106,17 +1107,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "Mostrar una advertencia N días antes que la contraseña caduque." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1124,115 +1125,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "Predeterminado: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1244,7 +1245,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1255,24 +1256,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1280,12 +1281,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1294,17 +1295,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "SECCIONES DE DOMINIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1313,7 +1314,7 @@ msgstr "" "está fuera de estos límites, ésta es ignorada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1322,39 +1323,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "enumerar (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "Predeterminado: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1364,14 +1365,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1380,12 +1381,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1394,112 +1395,112 @@ msgstr "" "volver a consultar al backend" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "Predeterminado: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Las credenciales de usuario son almacenadas en un hash SHA512, no en texto " "plano" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1508,17 +1509,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "Predeterminado: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1527,33 +1528,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1561,8 +1562,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1571,8 +1572,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1580,19 +1581,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1601,12 +1602,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -1615,7 +1616,7 @@ msgstr "" "autenticación soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1623,7 +1624,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1631,30 +1632,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1662,19 +1663,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> siempre niega el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1683,24 +1684,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "Predeterminado: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1712,7 +1713,7 @@ msgstr "" "configurar LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1723,36 +1724,36 @@ msgstr "" "citerefentry> para más información sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> deniega explícitamente los cambios en la contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1760,22 +1761,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1783,7 +1785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1791,31 +1793,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1823,28 +1825,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "Predeterminado: none" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1852,7 +1849,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1860,24 +1857,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1885,19 +1882,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1906,29 +1903,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -1939,7 +1936,7 @@ msgstr "" "el nombre, el dominio es el resto detrás de este signo\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -1947,7 +1944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -1956,7 +1953,7 @@ msgstr "" "soportan la sintaxis Python (?P<name>) para identificar subpatrones." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -1964,59 +1961,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Predeterminado: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "Valores soportados:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "Predeterminado: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2024,57 +2021,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Predeterminado: Utilizar la parte del dominio del nombre de host del equipo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "override_gid (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "case_sensitive (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "Predeterminado: True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2083,30 +2080,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2114,29 +2111,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2144,7 +2141,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -2153,12 +2150,12 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "La sección de dominio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2169,29 +2166,29 @@ msgstr "" "utiliza <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "default_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "El shell predeterminado para los usuarios creados con herramientas de " "espacio de usuario SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "Predeterminado: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "base_directory (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2201,46 +2198,46 @@ msgstr "" "de inicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "Predeterminado: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "Predeterminado: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "homedir_umask (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2251,17 +2248,17 @@ msgstr "" "predeterminados en un directorio de inicio recién creado." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "Predeterminado: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "skel_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2274,17 +2271,17 @@ msgstr "" "<manvolnum>8</manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "Predeterminado: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "mail_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2292,17 +2289,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "Predeterminado: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "userdel_cmd (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2310,18 +2307,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "Predeterminado: None, no se ejecuta comando" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "EJEMPLO" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2375,7 +2372,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2416,7 +2413,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "OPCIONES DE CONFIGURACIÓN" @@ -3163,8 +3160,8 @@ msgstr "El atributo LDAP que corresponde al nombre completo del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "Predeterminado: cn" @@ -3179,7 +3176,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "Predeterminado: memberOf" @@ -3367,7 +3364,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" @@ -3627,7 +3624,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "Predeterminado: 900 (15 minutos)" @@ -3902,53 +3899,75 @@ msgstr "ldap_sasl_authid (cadena)" #: sssd-ldap.5.xml:1418 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_realm (string)" +msgstr "ldap_sasl_mech (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "Predeterminado: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3956,27 +3975,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "Predeterminado: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -3988,7 +4007,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -3996,7 +4015,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4004,41 +4023,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4047,14 +4066,14 @@ msgstr "" "del cliente. Los siguientes valores son permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4062,32 +4081,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "Predeterminado: none" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4096,29 +4120,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nombre del servicio para utilizar cuando está habilitado el " "servicio de descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "Predeterminado: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -4128,29 +4152,29 @@ msgstr "" "descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4161,12 +4185,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "Ejemplo:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4178,14 +4202,14 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4194,24 +4218,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "Predeterminado: vacío" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4219,19 +4243,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "Los siguientes valores están permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4240,7 +4264,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4248,7 +4272,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4257,29 +4281,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Lista separada por coma de opciones de control de acceso. Los valores " "permitidos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -4288,17 +4312,17 @@ msgstr "" "autorizedService para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "Predeterminado: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -4307,45 +4331,45 @@ msgstr "" "una vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4362,213 +4386,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4576,106 +4600,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4684,76 +4708,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4762,46 +4786,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "OPCIONES AVANZADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "ldap_user_search_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4811,43 +4835,43 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "ldap_group_search_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4855,7 +4879,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4863,7 +4887,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4885,19 +4909,19 @@ msgstr "" " enumerate = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5208,7 +5232,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5219,12 +5243,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5232,7 +5264,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5287,25 +5319,33 @@ msgid "" "provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "ipa_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5315,87 +5355,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "ipa_hostname (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "ipa_dyndns_update (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "ipa_dyndns_iface (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "Predeterminado: Utilizar la dirección IP de la conexión IPA LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "Predeterminado: Utilizar DN base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5403,86 +5443,86 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Predeterminado: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "krb5_validate (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -5490,12 +5530,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -5503,17 +5543,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "Predeterminado: 5 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "ipa_hbac_treat_deny_as (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -5522,313 +5562,345 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "Predeterminado: DENY_ALL" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "ipa_hbac_support_srchost (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "ipa_netgroup_member_of (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "ipa_netgroup_member_user (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "Predeterminado: memberUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "ipa_netgroup_member_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "Predeterminado: memberHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "ipa_netgroup_member_ext_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "Predeterminado: externalHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "ipa_netgroup_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "Predeterminado: nisDomainName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "ipa_host_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "Predeterminado: ipaHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5836,7 +5908,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5978,7 +6050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5986,7 +6058,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" diff --git a/src/man/po/eu.po b/src/man/po/eu.po index d201753df..b1ae0ab02 100644 --- a/src/man/po/eu.po +++ b/src/man/po/eu.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.8.95\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" "PO-Revision-Date: 2012-07-18 21:31+0300\n" "Last-Translator: Automatically generated\n" "Language-Team: none\n" @@ -198,7 +198,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "" @@ -235,19 +235,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "" @@ -266,7 +266,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "" @@ -286,7 +286,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "" @@ -369,32 +369,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -404,15 +383,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -430,12 +409,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -444,80 +423,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -527,23 +506,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -623,7 +623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "" @@ -865,100 +865,101 @@ msgstr "" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -966,59 +967,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1026,7 +1027,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1035,17 +1036,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1053,115 +1054,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1173,7 +1174,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1184,24 +1185,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1209,12 +1210,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1223,24 +1224,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1249,39 +1250,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1291,14 +1292,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1307,122 +1308,122 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1431,17 +1432,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1450,33 +1451,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1484,8 +1485,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1494,8 +1495,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1503,19 +1504,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1524,19 +1525,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1544,7 +1545,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1552,30 +1553,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1583,19 +1584,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1604,24 +1605,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1629,7 +1630,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1637,35 +1638,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1673,22 +1674,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1696,7 +1698,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1704,31 +1706,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1736,28 +1738,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1765,7 +1762,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1773,24 +1770,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1798,19 +1795,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1819,29 +1816,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -1849,7 +1846,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -1857,14 +1854,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -1872,59 +1869,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1932,56 +1929,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -1990,30 +1987,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2021,29 +2018,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2051,19 +2048,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2071,73 +2068,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2145,17 +2142,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2164,17 +2161,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2182,17 +2179,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2200,18 +2197,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2241,7 +2238,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2282,7 +2279,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "" @@ -3014,8 +3011,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "" @@ -3030,7 +3027,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "" @@ -3218,7 +3215,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" @@ -3478,7 +3475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "" @@ -3751,53 +3748,73 @@ msgstr "" #: sssd-ldap.5.xml:1418 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +msgid "ldap_sasl_realm (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3805,27 +3822,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -3837,7 +3854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -3845,7 +3862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -3853,53 +3870,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -3907,32 +3924,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -3941,56 +3963,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4001,12 +4023,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4015,14 +4037,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4031,24 +4053,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4056,19 +4078,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4077,7 +4099,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4085,7 +4107,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4094,89 +4116,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4193,213 +4215,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4407,106 +4429,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4515,76 +4537,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4593,46 +4615,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4640,43 +4662,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4684,7 +4706,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4692,7 +4714,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4706,19 +4728,19 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5021,7 +5043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5032,12 +5054,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5045,7 +5075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5097,25 +5127,33 @@ msgid "" "provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5125,87 +5163,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5213,86 +5251,86 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -5300,12 +5338,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -5313,17 +5351,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -5332,313 +5370,345 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5646,7 +5716,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5784,7 +5854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5792,7 +5862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" diff --git a/src/man/po/fr.po b/src/man/po/fr.po index 0440fdc2d..38c4ae822 100644 --- a/src/man/po/fr.po +++ b/src/man/po/fr.po @@ -10,8 +10,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" -"PO-Revision-Date: 2012-10-07 19:47+0000\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" +"PO-Revision-Date: 2012-11-14 14:20+0000\n" "Last-Translator: Jérôme Fenal <jfenal@gmail.com>\n" "Language-Team: French <trans-fr@lists.fedoraproject.org>\n" "Language: fr\n" @@ -232,7 +232,7 @@ msgid "The [sssd] section" msgstr "La section [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "Paramètres de section" @@ -272,12 +272,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -286,7 +286,7 @@ msgstr "" "redémarrer dans le cas d'un plantage du « Data Provider » avant d'abandonner" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "Par défaut : 3" @@ -309,7 +309,7 @@ msgstr "" "domaines dans l'ordre où vous voulez les appeler." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "re_expression (chaîne)" @@ -327,9 +327,13 @@ msgid "" "ID providers there are also default regular expressions. See DOMAIN " "SECTIONS for more info on these regular expressions." msgstr "" +"Chaque domaine peut avoir une expression régulière individuelle configurée. " +"Pour certains fournisseurs ID, il y a aussi des expressions régulières par " +"défaut. Voir les SECTIONS DOMAINE pour plus d'informations sur ces " +"expressions régulières." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "full_name_format (chaîne)" @@ -347,6 +351,8 @@ msgid "" "Each domain can have an individual format string configured. see DOMAIN " "SECTIONS for more info on this option." msgstr "" +"Chaque domaine peut avoir une chaîne de format individuelle configurée. " +"Voir les SECTIONS DOMAINE pour plus d'informations sur cette option." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:158 @@ -424,32 +430,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "Par défaut : 60" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -459,15 +444,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -491,12 +476,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "SECTIONS SERVICES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -509,80 +494,80 @@ msgstr "" "<quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "Options générales de configuration du service" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "Ces options peuvent être utilisées pour configurer les services." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "debug_level (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "Ajoute un horodatage aux messages de débogage" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "Par défaut : true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" -msgstr "" +msgstr "Ajouter les microsecondes à l'horodatage dans les messages de débogage" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "Par défaut : false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "Par défaut : 10" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -592,23 +577,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Par défault : 8192 (ou la limite « hard » de limits.conf)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "Par défaut : 60" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -633,8 +639,8 @@ msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" -"Combien de secondes nss_sss doit-il mettre en cache les énumérations " -"(requêtes pour les informations sur tous les utilisateurs)" +"La durée en secondes pendant laquelle nss_sss doit mettre en cache les " +"énumérations (requêtes pour les informations sur tous les utilisateurs)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:368 @@ -708,7 +714,7 @@ msgstr "" "nouveau l'arrière plan." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "Par défaut : 15" @@ -984,11 +990,12 @@ msgstr "default_shell" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -998,41 +1005,41 @@ msgstr "" "nécessaire, habituellement /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "Par défaut : 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "Options de configuration de PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1041,12 +1048,12 @@ msgstr "" "(PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1056,17 +1063,17 @@ msgstr "" "connexion réussie)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "Par défaut : 0 (pas de limite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1075,12 +1082,12 @@ msgstr "" "échouées sont autorisées." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1089,25 +1096,28 @@ msgstr "" "atteint avant qu'une nouvelle tentative soit possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " "authentication can enable offline authentication again." msgstr "" +"Si la valeur est à 0, l'utilisateur ne peut s'authentifier en mode " +"déconnecté si offline_failed_login_attempts est atteint. Seulement une " +"connexion réussie en ligne peut réactiver l'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "Par défaut : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1116,44 +1126,44 @@ msgstr "" "d'authentification. Le nombre le plus grand affichera plus de messages." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "Actuellement sssd supporte les valeurs :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis> : ne pas afficher de message" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis> : afficher les messages d'information" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis> : afficher tous les messages et informations de " "débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "Par défaut : 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1165,7 +1175,7 @@ msgstr "" "les dernières informations." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1179,17 +1189,17 @@ msgstr "" "retour avec le fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "Afficher une alerte N jours avant que le mot de passe n'expire." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1200,115 +1210,118 @@ msgstr "" "manquante, sssd ne peut afficher de message d'alerte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "Par défaut : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" -msgstr "" +msgstr "Options de configuration de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "" +"Les options suivantes peuvent être utilisées pour configurer le service sudo." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" -msgstr "" +msgstr "sudo_timed (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" +"Évaluation ou non des attributs sudoNotBefore et sudoNotAfter qui utilisent " +"les entrées sudoers sensibles au temps." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" -msgstr "" +msgstr "Options de configuration AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." -msgstr "" +msgstr "Ces options peuvent être utilisées pour configurer le service autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" -msgstr "" +msgstr "autofs_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1320,7 +1333,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1331,24 +1344,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1356,12 +1369,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1370,17 +1383,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "SECTIONS DOMAINE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1389,7 +1402,7 @@ msgstr "" "dehors de ces limites, il est ignoré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1402,17 +1415,17 @@ msgstr "" "plage seront rapportés comme prévu." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Default: 1 for min_id, 0 (no limit) for max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "enumerate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1421,22 +1434,22 @@ msgstr "" "valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = utilisateurs et groupes sont comptés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = aucune énumération pour ce domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "Par défaut : FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1452,7 +1465,7 @@ msgstr "" "importante liée au processus d'énumération." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1462,7 +1475,7 @@ msgstr "" "complétion." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1476,126 +1489,136 @@ msgstr "" "le id_provider spécifique utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" -"Combien de temps en secondes doit considérer nss_sss les entrées comme " -"valides avant d'appeler à nouveau l'arrière plan" +"La durée en secondes pendant laquelle nss_sss doit considérer les entrées " +"comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "Par défaut : 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" -msgstr "" +msgstr "entry_cache_user_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" +"La durée en secondes pendant laquelle nss_sss doit considérer les entrées " +"d'utilisateurs comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "Par défaut : entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" -msgstr "" +msgstr "entry_cache_group_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" +"La durée en secondes pendant laquelle nss_sss doit considérer les entrées de " +"groupes comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" -msgstr "" +msgstr "entry_cache_netgroup_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" +"La durée en secondes pendant laquelle nss_sss doit considérer les entrées de " +"netgroup comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" -msgstr "" +msgstr "entry_cache_service_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" +"La durée en secondes pendant laquelle nss_sss doit considérer les entrées de " +"service valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "cache_credentials (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Détermine si les crédits utilisateur sont aussi mis en cache dans le cache " "LDB local" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" +"Les informations d'identification utilisateur sont stockées dans une table " +"de hachage SHA512, et non en texte brut" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1608,17 +1631,17 @@ msgstr "" "ou égal à offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "Défault: 0 (illimité)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1627,33 +1650,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "id_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "proxy: supporte l'ancien protocole NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1661,8 +1684,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1671,8 +1694,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1680,19 +1703,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1706,12 +1729,12 @@ msgstr "" "test@LOCAL</command> ne le trouve." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "auth_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -1720,7 +1743,7 @@ msgstr "" "autorisés sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1732,7 +1755,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1743,7 +1766,7 @@ msgstr "" "citerefentry> pour plus d'informations sur la configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -1751,12 +1774,12 @@ msgstr "" "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> désactive l'authentification explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -1765,12 +1788,12 @@ msgstr "" "gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "access_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1781,19 +1804,19 @@ msgstr "" "plan). Les fournisseurs internes spécifiques sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> refuser l'accès de manière permanente.." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1806,17 +1829,17 @@ msgstr "" "configuration du module d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "Par défaut : <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "chpass_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -1825,7 +1848,7 @@ msgstr "" "domaine. Les fournisseurs acceptés sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1837,7 +1860,7 @@ msgstr "" "serveur LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1849,7 +1872,7 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -1857,13 +1880,13 @@ msgstr "" "autre cible PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> désactiver le changement de mot de passe explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -1872,17 +1895,19 @@ msgstr "" "peut gérer les changements de mot de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" -msgstr "" +msgstr "sudo_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" +"Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en " +"charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1890,24 +1915,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." -msgstr "" +msgstr "<quote>none</quote> désactive explicitement SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle " "est définie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1915,7 +1941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1923,31 +1949,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 +#, fuzzy +#| msgid "" +#| "The provider which should handle change password operations for the " +#| "domain. Supported change password providers are:" msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" +"Le fournisseur qui devrait gérer le changement des mots de passe pour le " +"domaine. Les fournisseurs acceptés sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1955,28 +1987,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "Par défaut : aucun" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1984,7 +2011,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1992,24 +2019,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2017,19 +2044,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2038,29 +2065,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2071,7 +2098,7 @@ msgstr "" "importe le domaine après »" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2083,7 +2110,7 @@ msgstr "" "fonction." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -2092,7 +2119,7 @@ msgstr "" "syntaxe Python (?P<name>) pour nommer les sous-modèles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -2100,17 +2127,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Par défaut : <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "lookup_family_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -2119,46 +2146,46 @@ msgstr "" "utiliser pour effectuer les requêtes DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "Valeurs autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first : essaye de chercher une IPv4, si ça échoue, essaye une IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only : ne tente de résoudre que les noms de domaines en adresses IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first : essaye de chercher une IPv6, si ça échoue, essaye une IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only : ne tente de résoudre que les noms de domaines en adresses IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "Par défaut : ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2169,12 +2196,12 @@ msgstr "" "le domaine continuera en mode déconnecté." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -2184,46 +2211,48 @@ msgstr "" "de DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Par défaut : utilise la partie du domaine qui est dans le nom d'hôte de la " "machine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "override_gid (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "Redéfinit le GID primaire avec la valeur spécifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "case_sensitive (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" +"Traiter les utilisateur et les noms de groupes comme sensible à la casse. " +"Actuellement, cette option n'est pas supportée dans le fournisseur local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "Par défaut : True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2232,30 +2261,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Par défaut : <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2267,17 +2296,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "Le proxy cible auquel PAM devient mandataire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -2286,12 +2315,12 @@ msgstr "" "exsitante ou créer une nouvelle et ajouter le nom de service ici." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2302,7 +2331,7 @@ msgstr "" "$(libName)_$(function), par exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -2311,12 +2340,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "La section du domaine local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2327,29 +2356,29 @@ msgstr "" "dire un domaine qui utilise <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "default_shell (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "L'interpréteur de commandes par défaut pour les utilisateurs créés avec les " "outils de l'espace utilisateur SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "Par défaut : <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "base_directory (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2358,17 +2387,17 @@ msgstr "" "replaceable> et l'utilise comme dossier personnel." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "Par défaut : <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "create_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -2377,17 +2406,17 @@ msgstr "" "utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "Par défaut : TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "remove_homedir (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -2396,12 +2425,12 @@ msgstr "" "suppression des utilisateurs. Peut être outrepassé par la ligne de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "homedir_umask (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2412,17 +2441,17 @@ msgstr "" "défaut sur un répertoire personnel nouvellement créé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "Par défaut : 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "skel_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2435,17 +2464,17 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "Par défaut : <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "mail_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2456,17 +2485,17 @@ msgstr "" "par défaut est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "Par défaut : <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "userdel_cmd (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2477,18 +2506,18 @@ msgstr "" "commande n'est pas pris en compte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "Par défaut : None, aucune commande lancée" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2542,7 +2571,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2600,7 +2629,7 @@ msgstr "" "en tant que fournisseur d'accès." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "OPTIONS DE CONFIGURATION" @@ -2694,12 +2723,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:116 msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" -msgstr "" +msgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:119 msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." -msgstr "" +msgstr "La portée peut être l'une des « base », « onelevel » ou « subtree »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:122 @@ -2707,6 +2736,8 @@ msgid "" "The filter must be a valid LDAP search filter as specified by http://www." "ietf.org/rfc/rfc2254.txt" msgstr "" +"Le filtre doit être un filtre de recherche LDAP valide tel que spécifié par " +"http://www.ietf.org/rfc/rfc2254.txt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:126 @@ -2719,6 +2750,8 @@ msgid "" "ldap_search_base = dc=example,dc=com (which is equivalent to) " "ldap_search_base = dc=example,dc=com?subtree?" msgstr "" +"ldap_search_base = dc=example,dc=com (ce qui équivaut à) ldap_search_base = " +"dc=example,dc=com?subtree?" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:134 @@ -2726,6 +2759,8 @@ msgid "" "ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" "(host=thishost)?dc=example.com?subtree?" msgstr "" +"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" +"(host=thishost)?dc=example.com?subtree?" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:137 @@ -3329,12 +3364,12 @@ msgstr "Par défaut : krbPrincipalName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:620 msgid "ldap_user_ssh_public_key (string)" -msgstr "" +msgstr "ldap_user_ssh_public_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:623 msgid "The LDAP attribute that contains the user's SSH public keys." -msgstr "" +msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:630 @@ -3365,6 +3400,8 @@ msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" +"Spécifie la durée en secondes pendant laquelle SSSD doit attendre avant " +"d'actualiser son cache d\"énumération d'enregistrements." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:660 @@ -3405,8 +3442,8 @@ msgstr "L'attribut LDAP qui correspond au nom complet de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "Par défaut : cn" @@ -3421,7 +3458,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "L'attribut LDAP qui liste l'appartenance au groupe de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "Par défaut : memberOf" @@ -3622,7 +3659,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "Par défaut : False" @@ -3653,6 +3690,8 @@ msgstr "La classe d'objet d'une entrée de groupe réseau dans LDAP." #: sssd-ldap.5.xml:919 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" +"Pour un fournisseur IPA, ipa_netgroup_object_class doit être utilisé à la " +"place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:923 @@ -3745,7 +3784,7 @@ msgstr "ldap_netgroup_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1012 msgid "ldap_service_object_class (string)" -msgstr "" +msgstr "ldap_service_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1015 @@ -3906,7 +3945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "Par défaut : 900 (15 minutes)" @@ -4000,6 +4039,8 @@ msgstr "" msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" +"Vous pouvez désactiver complètement les recherches de déréférencement en " +"affectant la valeur 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1233 @@ -4021,6 +4062,9 @@ msgid "" "filter, then the dereference lookup performance enhancement will be disabled " "regardless of this setting." msgstr "" +"<emphasis>Remarque :</emphasis> Si l'une des bases de recherche spécifie un " +"filtre de recherche, alors l'amélioration de la performance de recherche de " +"déréférencement est désactivée indépendamment de ce paramètre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1254 @@ -4219,60 +4263,89 @@ msgstr "ldap_sasl_authid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1418 +#, fuzzy +#| msgid "" +#| "Specify the SASL authorization id to use. When GSSAPI is used, this " +#| "represents the Kerberos principal used for authentication to the " +#| "directory." msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" "Définit l'identité d'autorisation SASL à utiliser. Quand GSSAPI est utilisé, " "c'est l'identifiant Kerberos principal utilisé pour s'authentifier au " "dossier." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "Par défaut : host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_realm (string)" +msgstr "ldap_sasl_mech (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" +"Si true, la bibliothèque LDAP effectue une recherche inversée pour canoniser " +"le nom de l'hôte au cours d'une liaison SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "Défaut : false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Définit le fichier keytab à utiliser pour utiliser SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4283,27 +4356,27 @@ msgstr "" "que le mécanisme choisit est GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Définit la durée de vie, en secondes, des TGT si GSSAPI est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "Par défaut : 86400 (24 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4315,7 +4388,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4326,7 +4399,7 @@ msgstr "" "passe sur _tcp si aucune entrée n'est trouvée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4338,40 +4411,43 @@ msgstr "" "l'utilisation de <quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Définit le DOMAINE de Kerberos (pour l'authentification SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Par défaut : système par défaut, voir <filename>/etc/krb5.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" +"Spécifie si le principal de l'hôte doit être rendu canonique lors de la " +"connexion au serveur LDAP. Cette fonctionnalité est disponible avec MIT " +"Kerberos > = 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4380,7 +4456,7 @@ msgstr "" "valeurs suivantes sont acceptées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -4389,7 +4465,7 @@ msgstr "" "peut pas désactiver la politique sur les mots de passe du côté serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4397,7 +4473,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4407,18 +4483,23 @@ msgstr "" "Kerberos pour déterminer si le mot de passe a expiré. Utilisez " "chpass_provider=krb5 ces attributs lorsque le mot de passe est changé." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "Par défaut : aucun" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Définit si le référencement automatique doit être activé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -4427,7 +4508,7 @@ msgstr "" "compilé avec OpenLDAP version 2.4.13 ou supérieur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4436,29 +4517,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser quand la découverte de services est " "activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "Par défaut : ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -4467,31 +4548,31 @@ msgstr "" "un changement de mot de passe quand la découverte de services est activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Par défaut : non défini, c'est-à-dire que le service de découverte est " "désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4502,12 +4583,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "Exemple:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4519,7 +4600,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." @@ -4528,7 +4609,7 @@ msgstr "" "utilisateurs_autorisés » dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4540,17 +4621,17 @@ msgstr "" "l'accès sera conservé en mode hors-ligne et vice-versa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "Par défaut : vide" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -4559,7 +4640,7 @@ msgstr "" "être activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4571,12 +4652,12 @@ msgstr "" "correct." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "Les valeurs suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -4585,7 +4666,7 @@ msgstr "" "ldap_user_shadow_expire pour déterminer si le compte a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4598,7 +4679,7 @@ msgstr "" "période d'expiration du compte est aussi vérifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4609,7 +4690,7 @@ msgstr "" "l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4622,29 +4703,29 @@ msgstr "" "est autorisé. Si les deux attributs sont manquants l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "ldap_access_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Liste des options de contrôles d'accès, séparées par des virgules. Valeurs " "autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis> : utilise ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utilise ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -4653,18 +4734,18 @@ msgstr "" "de service pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut d'hôte pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -4673,12 +4754,12 @@ msgstr "" "de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "ldap_deref (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -4687,12 +4768,12 @@ msgstr "" "recherche. Les options suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -4702,7 +4783,7 @@ msgstr "" "la recherche lui-même." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -4711,7 +4792,7 @@ msgstr "" "la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -4720,7 +4801,7 @@ msgstr "" "recherche et en localisant l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4738,219 +4819,219 @@ msgid "" "\"variablelist\" id=\"0\"/>" msgstr "" "Toutes les options communes de configuration appliquées aux domaines SSSD " -"s'appliquent aussi aux domaines LDAP. Voir la section des <quote>SECTIONS DE " +"s'appliquent aussi aux domaines LDAP. Voir la section des <quote>SECTIONS " "DOMAINE</quote> dans le manuel du fichier <citerefentry> <refentrytitle>sssd." "conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> pour plus de " "détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "Par défaut : sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "Par défaut : sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "Par défaut : sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "Par défaut : sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "Par défaut : sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "Par défaut : sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "Par défaut : sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "Par défaut : sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "Par défaut : sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "Par défaut : sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "Par défaut : 21600 (6 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4958,106 +5039,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "Par défaut : non spécifié" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5066,12 +5147,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." @@ -5080,64 +5161,64 @@ msgstr "" "qui est RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "Par défaut : automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "Par défaut : ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "Par défaut : automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5146,32 +5227,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "OPTIONS AVANCÉES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "ldap_user_search_filter (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." @@ -5180,14 +5261,16 @@ msgstr "" "restreint les recherches utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" +"Cette option est <emphasis>déconseillée</emphasis> en faveur de la syntaxe " +"utilisée par ldap_user_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -5197,7 +5280,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." @@ -5206,12 +5289,12 @@ msgstr "" "qui ont leur interpréteur de commande définit sur /bin/tcsh." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "ldap_group_search_filter (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." @@ -5220,24 +5303,26 @@ msgstr "" "restreint les recherches de groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" +"Cette option est <emphasis>déconseillée</emphasis> en faveur de la syntaxe " +"utilisée par ldap_group_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5249,7 +5334,7 @@ msgstr "" "\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5259,7 +5344,7 @@ msgstr "" "sur un des domaines de la section <replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5281,19 +5366,19 @@ msgstr "" " enumerate = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5668,21 +5753,29 @@ msgstr "" "ne sont pas évalués." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" "citerefentry> manual page for details on the configuration of an SSSD " "domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"Veuillez vous référer à la section <quote>SECTIONS DE DOMAINE</quote> du " -"manuel de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> pour les détails sur la " -"configuration du domaine SSSD. <placeholder type=\"variablelist\" id=\"0\"/>" +"Veuillez vous référer à la section <quote>SECTIONS DOMAINE</quote> du manuel " +"de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> pour les détails sur la configuration du domaine " +"SSSD. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" @@ -5690,7 +5783,7 @@ msgstr "" "et simple_deny_users, sont définis." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5702,7 +5795,7 @@ msgstr "" "spécifique." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5768,13 +5861,21 @@ msgid "" "provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "ipa_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." @@ -5783,12 +5884,12 @@ msgstr "" "domaine de configuration est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5798,12 +5899,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "ipa_hostname (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." @@ -5813,12 +5914,12 @@ msgstr "" "identifier l'hôte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "ipa_dyndns_update (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." @@ -5827,7 +5928,7 @@ msgstr "" "du serveur DNS construit dans FreeIPA v2 avec l'adresse IP du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5837,12 +5938,12 @@ msgstr "" "être défini correctement dans /etc/krb5.conf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "ipa_dyndns_iface (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." @@ -5852,44 +5953,48 @@ msgstr "" "DNS dynamiques." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "Par défaut : utilise l'adresse IP de la connexion IPA LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" +"Facultatif. Utilise la chaîne donnée comme base de recherche pour les objets " +"HBAC associés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "Par défaut : utilise la base DN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" +"Cf. <quote>ldap_search_base</quote> pour plus d'informations sur la " +"configuration des bases de recherche multiples." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5897,65 +6002,65 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Par défaut : la valeur de <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "Par défaut : la valeur de <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "krb5_validate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "Vérifie avec l'aide de krb5_keytab que le TGT obtenu n'est pas usurpé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5964,7 +6069,7 @@ msgstr "" "original." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -5973,7 +6078,7 @@ msgstr "" "<quote>ipa_domain</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -5982,7 +6087,7 @@ msgstr "" "convertit en la base DN pour effectuer des opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -5990,12 +6095,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -6006,17 +6111,17 @@ msgstr "" "requêtes de contrôle d'accès pendant une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "Par défaut : 5 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "ipa_hbac_treat_deny_as (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -6030,7 +6135,7 @@ msgstr "" "client supportera deux modes opératoires pendant cette transition :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." @@ -6039,7 +6144,7 @@ msgstr "" "tous les utilisateurs ne pourront pas se connecter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." @@ -6048,78 +6153,80 @@ msgstr "" "Faites attention avec cette option, elle peut fournir des accès non-prévus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "Par défaut : DENY_ALL" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "ipa_hbac_support_srchost (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." -msgstr "" +msgstr "Si false, srchost tel qu'il figure à SSSD par PAM sera ignoré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "Par défaut : Le lieu nommé « default »" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "ipa_netgroup_member_of (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." -msgstr "" +msgstr "L'attribut LDAP qui répertorie les appartenances aux netgroups." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "ipa_netgroup_member_user (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" +"L'attribut LDAP qui répertorie les utilisateurs et les groupes qui sont " +"membres directs du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "Par défaut : memberUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "ipa_netgroup_member_host (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." @@ -6128,221 +6235,255 @@ msgstr "" "sont membres directs du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "Par défaut : memberHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" -msgstr "" +msgstr "ipa_netgroup_member_ext_host (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" +"L'attribut LDAP qui répertorie les noms de domaines complets des systèmes et " +"des groupes de systèmes qui appartiennent au groupe réseau." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "Par défaut : externalHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" -msgstr "" +msgstr "ipa_netgroup_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." -msgstr "" +msgstr "L'attribut LDAP qui contient le nom de domaine NIS du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "Par défaut : nisDomainName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" -msgstr "" +msgstr "ipa_host_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." -msgstr "" +msgstr "La classe de l'objet d'une entrée d'hôte dans l'annuaire LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "Par défaut : ipaHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" -msgstr "" +msgstr "ipa_host_fqdn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." -msgstr "" +msgstr "L'attribut LDAP qui contient le nom de domaine complet du système." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "Par défaut : nom de domaine complet" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "Par défaut : seeAlso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "Par défaut : ipaSELinuxUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "Par défaut : ipaEnabledFlag" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "Par défaut : userCategory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "Par défaut : hostCategory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "Par défaut : ipaUniqueID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "Par défaut : ipaSshPubKey" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6353,7 +6494,7 @@ msgstr "" "exemples montrent seulement les options spécifiques au fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -6495,7 +6636,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6503,7 +6644,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6872,12 +7013,12 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.8.xml:135 msgid "<option>--version</option>" -msgstr "" +msgstr "<option>--version</option>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.8.xml:139 msgid "Print version number and exit." -msgstr "" +msgstr "Afficher le numéro de version et quitter." #. type: Content of: <reference><refentry><refsect1><title> #: sssd.8.xml:147 @@ -7832,11 +7973,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:400 +#, fuzzy +#| msgid "" +#| "Please note also that sssd supports fast only with MIT Kerberos version " +#| "1.8 and above. If sssd used with an older version using this option is a " +#| "configuration error." msgid "" "NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If " "SSSD is used with an older version of MIT Kerberos, using this option is a " "configuration error." msgstr "" +"Veuillez noter que sssd prend également en charge le paramètre fast " +"uniquement avec MIT Kerberos version 1.8 et au-delà. L'utilisation de sssd " +"avec une version antérieure avec cette option est une erreur de " +"configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:409 @@ -7850,19 +8000,27 @@ msgstr "Spécifie le serveur principal pour utiliser FAST." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-krb5.5.xml:421 +#, fuzzy +#| msgid "" +#| "Specifies if the host and user principal should be canonicalized. This " +#| "feature is available with MIT Kerberos >= 1.7" msgid "" "Specifies if the host and user principal should be canonicalized. This " "feature is available with MIT Kerberos 1.7 and later versions." msgstr "" +"Spécifie si les principaux du système et de l'utilisateur doivent être " +"rendus canoniques. Cette fonctionnalité est disponible avec MIT Kerberos >= " +"1.7" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:65 #, fuzzy #| msgid "" -#| "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " -#| "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" -#| "citerefentry> manual page for details on the configuration of an SSSD " -#| "domain. <placeholder type=\"variablelist\" id=\"0\"/>" +#| "If the auth-module krb5 is used in a SSSD domain, the following options " +#| "must be used. See the <citerefentry> <refentrytitle>sssd.conf</" +#| "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page, " +#| "section <quote>DOMAIN SECTIONS</quote> for details on the configuration " +#| "of a SSSD domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgid "" "If the auth-module krb5 is used in an SSSD domain, the following options " "must be used. See the <citerefentry> <refentrytitle>sssd.conf</" @@ -7870,29 +8028,31 @@ msgid "" "<quote>DOMAIN SECTIONS</quote>, for details on the configuration of an SSSD " "domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -"Veuillez vous référer à la section <quote>SECTIONS DE DOMAINE</quote> du " -"manuel de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> pour les détails sur la " -"configuration du domaine SSSD. <placeholder type=\"variablelist\" id=\"0\"/>" +"Si le module auth krb5 est utilisé dans un domaine SSSD, les options " +"suivantes doivent être utilisées. Cf. la page de manuel " +"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>, section <quote>SECTIONS DOMAINE</quote> pour plus " +"de détails sur la configuration d'un domaine SSSD. <placeholder type=" +"\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:443 #, fuzzy #| msgid "" -#| "The following example assumes that SSSD is correctly configured and " -#| "example.com is one of the domains in the <replaceable>[sssd]</" -#| "replaceable> section. This examples shows only the simple access provider-" -#| "specific options." +#| "The following example assumes that SSSD is correctly configured and FOO " +#| "is one of the domains in the <replaceable>[sssd]</replaceable> section. " +#| "This example shows only configuration of Kerberos authentication, it does " +#| "not include any identity provider." msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " "example shows only configuration of Kerberos authentication; it does not " "include any identity provider." msgstr "" -"L'exemple suivant suppose que SSSD est correctement configuré et exemple.com " -"est un des domaines dans la section <replaceable>[sssd]</replaceable>. Ces " -"exemples montrent seulement les options du simple fournisseur d'accès " -"spécifique." +"L'exemple suivant suppose que SSSD est correctement configuré et que FOO est " +"l'un des domaines dans la section <replaceable>[sssd]</replaceable>. Cet " +"exemple montre uniquement la configuration de l'authentification Kerberos, " +"et n'inclut pas une autre fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-krb5.5.xml:451 @@ -7936,6 +8096,9 @@ msgid "" "compatible with POSIX groups, with the additional feature that they can " "contain other groups as members." msgstr "" +"<command>sss_groupadd</command> crée un nouveau groupe. Ces groupes sont " +"compatibles avec les groupes POSIX, avec la caractéristique supplémentaire " +"qu'ils peuvent contenir d'autres groupes comme membres." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupadd.8.xml:43 sss_seed.8.xml:88 @@ -7950,6 +8113,8 @@ msgid "" "Set the GID of the group to the value of <replaceable>GID</replaceable>. If " "not given, it is chosen automatically." msgstr "" +"Positionne le GID du groupe à la valeur <replaceable>GID</replaceable>. Si " +"non spécifié, il est choisi automatiquement." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_userdel.8.xml:10 sss_userdel.8.xml:15 @@ -7978,6 +8143,8 @@ msgid "" "<command>sss_userdel</command> deletes a user identified by login name " "<replaceable>LOGIN</replaceable> from the system." msgstr "" +"<command>sss_userdel</command> supprime un utilisateur identifié par le nom " +"de connexion <replaceable>LOGIN</replaceable> du système." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:44 @@ -7990,6 +8157,8 @@ msgid "" "Files in the user's home directory will be removed along with the home " "directory itself and the user's mail spool. Overrides the configuration." msgstr "" +"Les fichiers dans le répertoire ainsi que le répertoire lui-même de " +"l'utilisateur et sa messagerie seront supprimés. Outrepasse la configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:56 @@ -8002,6 +8171,9 @@ msgid "" "Files in the user's home directory will NOT be removed along with the home " "directory itself and the user's mail spool. Overrides the configuration." msgstr "" +"Les fichiers dans le répertoire ainsi que le répertoire lui-même de " +"l'utilisateur et sa messagerie ne seront PAS supprimés. Outrepasse la " +"configuration." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:68 @@ -8014,6 +8186,9 @@ msgid "" "This option forces <command>sss_userdel</command> to remove the user's home " "directory and mail spool, even if they are not owned by the specified user." msgstr "" +"Cette option oblige <command>sss_userdel</command> à supprimer le répertoire " +"home de l'utilisateur et sa messagerie, même si ils ne sont pas détenus par " +"l'utilisateur spécifié." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:80 @@ -8024,6 +8199,7 @@ msgstr "<option>-k</option>,<option>--kick</option>" #: sss_userdel.8.xml:84 msgid "Before actually deleting the user, terminate all his processes." msgstr "" +"Avant de réellement supprimer l'utilisateur, mettre fin à tous ses processus." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 @@ -8052,6 +8228,8 @@ msgid "" "<command>sss_groupdel</command> deletes a group identified by its name " "<replaceable>GROUP</replaceable> from the system." msgstr "" +"<command>sss_groupdel</command> supprime du système un groupe identifié par " +"son nom de <replaceable>groupe</replaceable>." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 @@ -8081,6 +8259,9 @@ msgid "" "identified by its name <replaceable>GROUP</replaceable>. The information " "includes the group ID number, members of the group and the parent group." msgstr "" +"<command>sss_groupshow</command> affiche des informations sur un groupe " +"identifié par son nom <replaceable>GROUPE</replaceable>. Les informations " +"incluent l'ID de groupe, les membres du groupe ainsi que le groupe parent." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupshow.8.xml:43 @@ -8094,6 +8275,9 @@ msgid "" "also affects printing parent groups - without <option>R</option>, only the " "direct parent will be printed." msgstr "" +"Affiche aussi les membres indirects de groupe dans une hiérarchie " +"arborescente. Notez que cela affecte également les affichages de groupes " +"parents - sans <option>R</option>, seul le parent direct sera affiché." #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_usermod.8.xml:10 sss_usermod.8.xml:15 @@ -8144,6 +8328,9 @@ msgid "" "replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " "a comma separated list of group names." msgstr "" +"Ajouter cet utilisateur aux groupes spécifiés par le paramètre " +"<replaceable>GROUPS</replaceable>. Le paramètre <replaceable>GROUPS</" +"replaceable> est une liste séparée par des virgules de noms de groupes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:96 @@ -8151,6 +8338,8 @@ msgid "" "Remove this user from groups specified by the <replaceable>GROUPS</" "replaceable> parameter." msgstr "" +"Retirer cet utilisateur de groupes spécifiés par le paramètre " +"<replaceable>GROUPS</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:103 @@ -8614,6 +8803,7 @@ msgstr "" msgid "" "<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" msgstr "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_ssh_knownhostsproxy.1.xml:71 @@ -8629,6 +8819,8 @@ msgstr "" msgid "" "Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." msgstr "" +"Rechercher les clés publiques dans le domaine SSSD <replaceable>DOMAINE</" +"replaceable> hôte." #. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 @@ -8695,6 +8887,8 @@ msgstr "Voir aussi" msgid "" "For more information on the service discovery mechanism, refer to RFC 2782." msgstr "" +"Pour plus d'informations sur le mécanisme de découverte de service, reportez-" +"vous à la RFC 2782." #. type: Content of: outside any tag (error?) #: include/upstream.xml:1 @@ -8725,6 +8919,10 @@ msgid "" "is allowed around the comma. The servers are listed in order of preference. " "The list can contain any number of servers." msgstr "" +"La liste des serveurs est donnée sous forme de liste séparée par des " +"virgules ; un nombre quelconque d'espaces est autorisé autour de la virgule. " +"Les serveurs sont répertoriés par ordre de préférence. La liste peut " +"contenir un nombre quelconque de serveurs." #. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:16 @@ -8815,6 +9013,10 @@ msgid "" "into equally-sized component sections - called \"slices\"-. Each slice " "represents the space available to an Active Directory domain." msgstr "" +"L'algorithme de mise en correspondance des ID de SSSD tient un éventail " +"d'uid disponibles et le divise en sections de même taille, appelées « " +"tranches ». Chaque tranche représente l'espace disponible dans un domaine " +"Active Directory." #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:31 @@ -9018,7 +9220,7 @@ msgstr "" #. type: Content of: <listitem><para> #: include/debug_levels.xml:8 msgid "Currently supported debug levels:" -msgstr "" +msgstr "Niveaux de débogage actuellement pris en charge :" #. type: Content of: <listitem><para> #: include/debug_levels.xml:11 diff --git a/src/man/po/ja.po b/src/man/po/ja.po index 190bd1805..78f91c617 100644 --- a/src/man/po/ja.po +++ b/src/man/po/ja.po @@ -10,9 +10,9 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" -"PO-Revision-Date: 2012-10-05 17:53+0000\n" -"Last-Translator: jhrozek <jhrozek@redhat.com>\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" +"PO-Revision-Date: 2012-11-26 09:44+0000\n" +"Last-Translator: Tomoyuki KATO <tomo@dream.daynight.jp>\n" "Language-Team: Japanese <trans-ja@lists.fedoraproject.org>\n" "Language: ja\n" "MIME-Version: 1.0\n" @@ -230,7 +230,7 @@ msgid "The [sssd] section" msgstr "[sssd] セクション" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "セクションのパラメーター" @@ -273,12 +273,12 @@ msgstr "" "\">, pac</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -287,7 +287,7 @@ msgstr "" "める前に試行する回数です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "初期値: 3" @@ -309,7 +309,7 @@ msgstr "" "始できません。このパラメーターは検索したいドメインの一覧を表されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "re_expression (文字列)" @@ -329,7 +329,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "full_name_format (文字列)" @@ -429,32 +429,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "初期値: 60" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -464,15 +443,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -495,12 +474,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "サービスセクション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -512,80 +491,80 @@ msgstr "" "ば、NSS サービスは <quote>[nss]</quote> セクションです" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "サービス設定の全体オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "これらのオプションはすべてのサービスを設定するために使用できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "debug_level (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "デバッグメッセージに日時を追加します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "初期値: true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "デバッグメッセージの日時にマイクロ秒を追加します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "初期値: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "初期値: 10" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -595,17 +574,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -615,6 +594,27 @@ msgstr "" "ファイル記述子に保持できる秒数を指定します。この値はシステムのリソース枯渇を" "避けるために制限されます。" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "初期値: 60" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -713,7 +713,7 @@ msgstr "" "せ)をキャッシュする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "初期値: 15" @@ -984,52 +984,53 @@ msgstr "default_shell" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "memcache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "初期値: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "PAM 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1038,12 +1039,12 @@ msgstr "" "ために使用できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1052,17 +1053,17 @@ msgstr "" "ラインログインの最終成功からの日数)です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1070,12 +1071,12 @@ msgstr "" "認証プロバイダーがオフラインの場合、ログイン試行の失敗が許容される回数です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1084,7 +1085,7 @@ msgstr "" "渡される分単位の時間です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1095,17 +1096,17 @@ msgstr "" "効にできます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "初期値: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1114,42 +1115,42 @@ msgstr "" "きいほどメッセージが表示されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "現在 sssd は以下の値をサポートします:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: 何もメッセージを表示しない" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: 重要なメッセージのみを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: 情報レベルのメッセージを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "<emphasis>3</emphasis>: すべてのメッセージとデバッグ情報を表示する" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "初期値: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1159,7 +1160,7 @@ msgstr "" "されるよう、SSSD は直ちにキャッシュされた識別情報を更新しようとします。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1172,17 +1173,17 @@ msgstr "" "アプリケーションごとに)制御します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "パスワードの期限が切れる前に N 日間警告を表示します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1192,41 +1193,41 @@ msgstr "" "ことに注意してください。この情報がなければ、sssd は警告を表示します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "初期値: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "SUDO 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "これらのオプションは sudo サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "sudo_timed (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1235,22 +1236,22 @@ msgstr "" "を評価するかしないかです。" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "Autofs 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "これらのオプションが autofs サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1260,52 +1261,52 @@ msgstr "" "効なマップエントリーに対する問い合わせ)が再びバックエンドに問い合わせる前に" "ヒットする秒数を指定します。" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "初期値: 180" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "SSH 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "これらのオプションは SSH サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "初期値: 180" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1317,7 +1318,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1328,24 +1329,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1353,12 +1354,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1367,17 +1368,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "ドメインセクション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1386,7 +1387,7 @@ msgstr "" "トリーを含む場合、それは無視されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1398,17 +1399,17 @@ msgstr "" "バーに対して、範囲内にあるものは予期されたものとして報告されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "初期値: min_id は 1, max_id は 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "enumerate (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1417,22 +1418,22 @@ msgstr "" "必要があります:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = ユーザーとグループが列挙されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = このドメインに対して列挙しません" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "初期値: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1446,7 +1447,7 @@ msgstr "" "は遅いかもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1455,7 +1456,7 @@ msgstr "" "れが完了するまで結果を返しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1468,12 +1469,12 @@ msgstr "" "てください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1482,17 +1483,17 @@ msgstr "" "数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "初期値: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -1501,18 +1502,18 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "初期値: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -1521,12 +1522,12 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -1535,12 +1536,12 @@ msgstr "" "有効であると考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -1549,54 +1550,54 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "cache_credentials (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "ユーザーのクレディンシャルがローカル LDB キャッシュにキャッシュされるかどうか" "を決めます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "ユーザーのクレディンシャルが、平文ではなく SHA512 ハッシュで保存されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1608,17 +1609,17 @@ msgstr "" "offline_credentials_expiration と同等以上でなければいけません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1627,17 +1628,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "初期値: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "id_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -1645,17 +1646,17 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "proxy: レガシーな NSS プロバイダーのサポート" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: ローカルユーザー向け SSSD 内部プロバイダー" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1666,8 +1667,8 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1680,8 +1681,8 @@ msgstr "" "い。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1692,12 +1693,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -1706,7 +1707,7 @@ msgstr "" "名形式により整形されたように) を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1719,12 +1720,12 @@ msgstr "" "んが、<command>getent passwd test@LOCAL</command> は見つけられます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "auth_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -1733,7 +1734,7 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1744,7 +1745,7 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1755,19 +1756,19 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> は明示的に認証を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -1776,12 +1777,12 @@ msgstr "" "ならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "access_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1792,7 +1793,7 @@ msgstr "" "えます)。内部の特別プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -1801,12 +1802,12 @@ msgstr "" "ロバイダーのみアクセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> は常にアクセスを拒否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1819,17 +1820,17 @@ msgstr "" "citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "初期値: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "chpass_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -1838,7 +1839,7 @@ msgstr "" "パスワード変更プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1849,7 +1850,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1860,7 +1861,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -1868,12 +1869,12 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -1882,19 +1883,19 @@ msgstr "" "うことができるならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "sudo_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー" "は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1905,23 +1906,24 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> は SUDO を明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "初期値: <quote>id_provider</quote> の値が設定されていると使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1929,7 +1931,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1937,31 +1939,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 +#, fuzzy +#| msgid "" +#| "The provider which should handle change password operations for the " +#| "domain. Supported change password providers are:" msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" +"ドメインに対するパスワード変更操作を取り扱うプロバイダーです。サポートされる" +"パスワード変更プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1969,22 +1977,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "初期値: none" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "autofs_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -1992,7 +1995,7 @@ msgstr "" "プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2000,7 +2003,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2008,17 +2011,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> は明示的に autofs を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "hostid_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -2027,7 +2030,7 @@ msgstr "" "hostid プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2035,19 +2038,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> は明示的に hostid を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2056,29 +2059,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" -msgstr "" +msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" -msgstr "" +msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" -msgstr "" +msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2089,7 +2092,7 @@ msgstr "" "everything after that\" に解釈されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2097,7 +2100,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -2106,7 +2109,7 @@ msgstr "" "Python 構文 (?P<name>) のみをサポートします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -2114,17 +2117,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "初期値: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "lookup_family_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -2133,46 +2136,46 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "サポートする値:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "初期値: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2183,12 +2186,12 @@ msgstr "" "ドにて操作を継続します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -2197,27 +2200,27 @@ msgstr "" "イン部分を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "初期値: マシンのホスト名のドメイン部分を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "override_gid (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "プライマリー GID の値を指定されたもので上書きします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "case_sensitive (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." @@ -2226,17 +2229,17 @@ msgstr "" "このオプションはローカルプロバイダーにおいてサポートされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "初期値: True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2245,31 +2248,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "値は <emphasis>override_homedir</emphasis> オプションにより上書きできます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "初期値: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2280,17 +2283,17 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "中継するプロキシターゲット PAM です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -2299,12 +2302,12 @@ msgstr "" "をここに追加する必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2315,7 +2318,7 @@ msgstr "" "_nss_files_getpwent です。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -2324,12 +2327,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "ローカルドメインのセクション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2340,27 +2343,27 @@ msgstr "" "メインに対する設定を含みます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "default_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "SSSD ユーザー空間ツールを用いて作成されたユーザーの初期シェルです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "初期値: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "base_directory (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2369,17 +2372,17 @@ msgstr "" "ホームディレクトリーとして使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "初期値: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "create_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -2388,17 +2391,17 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "初期値: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "remove_homedir (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -2407,12 +2410,12 @@ msgstr "" "す。コマンドラインにおいて上書きできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "homedir_umask (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2423,17 +2426,17 @@ msgstr "" "manvolnum> </citerefentry> により使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "初期値: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "skel_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2446,17 +2449,17 @@ msgstr "" "を含む、スケルトンディレクトリーです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "初期値: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "mail_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2467,17 +2470,17 @@ msgstr "" "が使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "初期値: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "userdel_cmd (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2488,18 +2491,18 @@ msgstr "" "せん。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "初期値: なし、コマンドを実行しません" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "例" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2553,7 +2556,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2609,7 +2612,7 @@ msgstr "" "オプションを参照してください。" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "設定オプション" @@ -2617,7 +2620,7 @@ msgstr "設定オプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:60 msgid "ldap_uri, ldap_backup_uri (string)" -msgstr "" +msgstr "ldap_uri, ldap_backup_uri (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:63 @@ -2779,22 +2782,22 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:172 msgid "rfc2307" -msgstr "" +msgstr "rfc2307" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:177 msgid "rfc2307bis" -msgstr "" +msgstr "rfc2307bis" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:182 msgid "IPA" -msgstr "" +msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> #: sssd-ldap.5.xml:187 msgid "AD" -msgstr "" +msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:193 @@ -3405,8 +3408,8 @@ msgstr "ユーザーの完全名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "初期値: cn" @@ -3421,7 +3424,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "ユーザーのグループメンバーを一覧にする LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "初期値: memberOf" @@ -3624,14 +3627,14 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "初期値: 偽" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:886 msgid "ldap_initgroups_use_matching_rule_in_chain" -msgstr "" +msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:889 @@ -3899,7 +3902,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "初期値: 900 (15 分)" @@ -4210,25 +4213,52 @@ msgstr "ldap_sasl_authid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1418 +#, fuzzy +#| msgid "" +#| "Specify the SASL authorization id to use. When GSSAPI is used, this " +#| "represents the Kerberos principal used for authentication to the " +#| "directory." msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" "使用する SASL 認可 ID を指定します。 GSSAPI が使用されるとき、これが認証のた" "めに使用される Kerberos プリンシパルをディレクトリーに表現されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "初期値: host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_realm (string)" +msgstr "ldap_sasl_mech (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -4237,33 +4267,33 @@ msgstr "" "するために逆引きを実行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "初期値: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "SASL/GSSAPI を使用するときに使用するキーテーブルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4274,27 +4304,27 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "GSSAPI が使用されている場合、TGT の有効期間を秒単位で指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "初期値: 86400 (24 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4306,7 +4336,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4317,7 +4347,7 @@ msgstr "" "ば _tcp にフォールバックします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4328,27 +4358,27 @@ msgstr "" "quote> を使用するよう設定ファイルを移行することが推奨されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "(SASL/GSSAPI 認証向け) Kerberos レルムを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -4357,12 +4387,12 @@ msgstr "" "します。この機能は MIT Kerberos >= 1.7 で利用可能です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4371,7 +4401,7 @@ msgstr "" "す。以下の値が許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -4380,7 +4410,7 @@ msgstr "" "ンはサーバー側のパスワードポリシーを無効にできません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4391,7 +4421,7 @@ msgstr "" "manvolnum></citerefentry> 形式の属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4401,18 +4431,23 @@ msgstr "" "ために MIT Kerberos により使用される属性を使用します。パスワードが変更される" "とき、これらの属性を更新するために chpass_provider=krb5 を使用します。" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "初期値: none" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "自動参照追跡が有効化されるかを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -4421,7 +4456,7 @@ msgstr "" "sssd のみが参照追跡をサポートすることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4430,28 +4465,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "サービス検索が有効にされているときに使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "初期値: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -4460,29 +4495,29 @@ msgstr "" "を検索するために使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "初期値: 設定されていません、つまりサービス検索が無効にされています" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4493,12 +4528,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "例:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4510,7 +4545,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." @@ -4519,7 +4554,7 @@ msgstr "" "ンバーに制限されることを意味します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4532,17 +4567,17 @@ msgstr "" "た同様です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "初期値: 空白" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -4551,7 +4586,7 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4562,12 +4597,12 @@ msgstr "" "否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "以下の値が許可されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -4576,7 +4611,7 @@ msgstr "" "ldap_user_shadow_expire の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4585,7 +4620,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4596,7 +4631,7 @@ msgstr "" "ldap_ns_account_lock の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4609,28 +4644,28 @@ msgstr "" "クセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "ldap_access_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -4639,30 +4674,30 @@ msgstr "" "authorizedService 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "初期値: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "値が複数使用されていると設定エラーになることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "ldap_deref (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -4671,12 +4706,12 @@ msgstr "" "ションが許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -4685,7 +4720,7 @@ msgstr "" "決されますが、検索のベースオブジェクトの位置を探すときはされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -4694,7 +4729,7 @@ msgstr "" "すときのみ参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -4703,7 +4738,7 @@ msgstr "" "きも位置を検索するときも参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4727,57 +4762,57 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "SUDO オプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "LDAP にある sudo ルールエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "初期値: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "sudo ルール名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "コマンド名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "初期値: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -4786,17 +4821,17 @@ msgstr "" "クグループ)に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "初期値: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -4805,49 +4840,49 @@ msgstr "" "る LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "初期値: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "sudo オプションに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "初期値: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "コマンドを実行するユーザー名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "初期値: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -4855,34 +4890,34 @@ msgstr "" "コマンドを実行するグループ名またはグループの GID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "初期値: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "sudo ルールが有効になる開始日時に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "初期値: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -4891,39 +4926,39 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "初期値: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "ルールの並び替えインデックスに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "初期値: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" -msgstr "" +msgstr "ldap_sudo_full_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -4932,17 +4967,17 @@ msgstr "" "ります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "初期値: 21600 (6 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4950,31 +4985,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -4983,15 +5018,15 @@ msgstr "" "区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -5000,17 +5035,17 @@ msgstr "" "ならば、このオプションは効果を持ちません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "初期値: 指定なし" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -5019,7 +5054,7 @@ msgstr "" "アドレスの空白区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -5027,36 +5062,36 @@ msgstr "" "このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5068,59 +5103,59 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "AUTOFS オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "初期値は RFC2307 の標準スキーマに対応することに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "LDAP にある automount マップエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "初期値: automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "LDAP における automount のマップエントリーの名前です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "初期値: ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -5129,17 +5164,17 @@ msgstr "" "ントと対応します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "初期値: automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5152,32 +5187,32 @@ msgstr "" "\"variablelist\" id=\"4\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "高度なオプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "ldap_user_search_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." @@ -5186,7 +5221,7 @@ msgstr "" "定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." @@ -5195,7 +5230,7 @@ msgstr "" "<emphasis>廃止されます</emphasis>。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -5205,7 +5240,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." @@ -5214,12 +5249,12 @@ msgstr "" "制限されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "ldap_group_search_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." @@ -5228,7 +5263,7 @@ msgstr "" "定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." @@ -5237,17 +5272,17 @@ msgstr "" "<emphasis>廃止されます</emphasis>。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5258,7 +5293,7 @@ msgstr "" "さい。 <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5269,7 +5304,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5291,19 +5326,19 @@ msgstr "" " enumerate = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "注記" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5672,7 +5707,7 @@ msgstr "" "ンの中のグループのみに適用されます。ローカルグループは評価されません。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5687,6 +5722,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" @@ -5694,7 +5737,7 @@ msgstr "" "なることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5705,7 +5748,7 @@ msgstr "" "セスプロバイダー固有の簡単なオプションのみを示します。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5780,13 +5823,21 @@ msgstr "" "セスプロバイダーが設定されていなければ、クライアント側において必要になりま" "す。" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "ipa_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." @@ -5795,12 +5846,12 @@ msgstr "" "ドメイン名が使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5810,12 +5861,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "ipa_hostname (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." @@ -5824,12 +5875,12 @@ msgstr "" "使用される完全修飾名を反映しないマシンにおいて設定されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "ipa_dyndns_update (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." @@ -5838,7 +5889,7 @@ msgstr "" "レスを組み込む DNS サーバーを自動的に更新するよう SSSD に通知します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5848,12 +5899,12 @@ msgstr "" "要があります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "ipa_dyndns_iface (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." @@ -5862,41 +5913,41 @@ msgstr "" "ために使用される IP アドレスのインターフェースを選択します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "初期値: IPA LDAP 接続の IP アドレスを使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "オプションです。与えられた文字列を HBAC 関連オブジェクトに対する検索ベースと" "して使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "初期値: ベース DN を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" "オプションです。ホストオブジェクトの検索ベースとして与えられた文字列を使用し" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." @@ -5905,7 +5956,7 @@ msgstr "" "してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5916,62 +5967,62 @@ msgstr "" "と、フィルターは無視されます。" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "初期値: <emphasis>ldap_search_base</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "オプションです。与えられた文字列を SELinux ユーザーマップに対する検索ベースと" "して使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "オプションです。信頼されたドメインに対する検索ベースとして、与えられた文字列" "を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "初期値: <emphasis>cn=trusts,%basedn</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "初期値: <emphasis>cn=ad,cn=etc,%basedn</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "krb5_validate (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." @@ -5979,7 +6030,7 @@ msgstr "" "取得された TGT が改ざんされていないかを krb5_keytab の支援で確認します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -5988,7 +6039,7 @@ msgstr "" "してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -5997,7 +6048,7 @@ msgstr "" "quote> の値です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -6006,7 +6057,7 @@ msgstr "" "めに使用するベース DN に変換されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -6016,12 +6067,12 @@ msgstr "" "するかを指定します。この機能は MIT Kerberos >= 1.7 で利用可能です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -6029,17 +6080,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "初期値: 5 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "ipa_hbac_treat_deny_as (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -6053,7 +6104,7 @@ msgstr "" "操作をサポートします:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." @@ -6062,7 +6113,7 @@ msgstr "" "てのユーザーがアクセスを拒否されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." @@ -6072,17 +6123,17 @@ msgstr "" "注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "初期値: DENY_ALL" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "ipa_hbac_support_srchost (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." @@ -6091,7 +6142,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" @@ -6101,37 +6152,37 @@ msgstr "" "ようになることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "この IPA クライアントが使用する automounter の場所です" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "初期値: \"default\" という名前の場所" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "ipa_netgroup_member_of (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "ネットワークグループのメンバーを一覧にする LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "ipa_netgroup_member_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." @@ -6140,17 +6191,17 @@ msgstr "" "る LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "初期値: memberUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "ipa_netgroup_member_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." @@ -6159,17 +6210,17 @@ msgstr "" "LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "初期値: memberHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "ipa_netgroup_member_ext_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." @@ -6178,100 +6229,100 @@ msgstr "" "る LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "初期値: externalHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "ipa_netgroup_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "ネットワークグループの NIS ドメイン名を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "初期値: nisDomainName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "ipa_host_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "LDAP にあるホストエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "初期値: ipaHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "ipa_host_fqdn (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "ホストの FQDN を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "初期値: fqdn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "ipa_selinux_usermap_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "ipa_selinux_usermap_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "SELinux ユーザーマップの名前を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "ipa_selinux_usermap_member_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "このルールが一致するすべてのユーザー・グループを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "ipa_selinux_usermap_member_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "このルールが一致するホスト・ホストグループを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "ipa_selinux_usermap_see_also (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" @@ -6280,32 +6331,32 @@ msgstr "" "む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "初期値: seeAlso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "ipa_selinux_usermap_selinux_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "SELinux ユーザー文字列自身を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "初期値: ipaSELinuxUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "ipa_selinux_usermap_enabled (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." @@ -6313,72 +6364,104 @@ msgstr "" "ユーザーマップが使用するために有効化されているかどうかを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "初期値: ipaEnabledFlag" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "ipa_selinux_usermap_user_category (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "'all' のようなユーザーカテゴリーを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "初期値: userCategory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "ipa_selinux_usermap_host_category (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "'all' のようなホストカテゴリーを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "初期値: hostCategory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "ipa_selinux_usermap_uuid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "ユーザーマップの一意な ID を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "初期値: ipaUniqueID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "ipa_host_ssh_public_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "ホストの SSH 公開鍵を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "初期値: ipaSshPubKey" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6389,7 +6472,7 @@ msgstr "" "例は IPA プロバイダー固有のオプションのみを示しています。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -6494,7 +6577,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ad.5.xml:99 msgid "ad_server, ad_backup_server (string)" -msgstr "" +msgstr "ad_server, ad_backup_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:102 @@ -6537,9 +6620,11 @@ msgid "" "fallback_homedir = /home/%u\n" " " msgstr "" +"fallback_homedir = /home/%u\n" +" " #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6550,7 +6635,7 @@ msgstr "" "AD プロバイダー固有のオプションのみ示してします。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6576,7 +6661,7 @@ msgstr "" #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16 msgid "sssd-sudo" -msgstr "" +msgstr "sssd-sudo" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:23 @@ -6615,7 +6700,7 @@ msgstr "" #: sssd-sudo.5.xml:57 #, no-wrap msgid "sudoers: files sss\n" -msgstr "" +msgstr "sudoers: files sss\n" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:61 @@ -6630,7 +6715,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><title> #: sssd-sudo.5.xml:72 msgid "Configuring SSSD to fetch sudo rules" -msgstr "" +msgstr "sudo ルールを取得するよう SSSD を設定する方法" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-sudo.5.xml:74 @@ -9149,7 +9234,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:117 msgid "Default: 2000200000" -msgstr "" +msgstr "初期値: 2000200000" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> #: include/ldap_id_mapping.xml:122 @@ -9230,7 +9315,7 @@ msgstr "" #. type: Content of: <varlistentry><term> #: include/param_help.xml:3 msgid "<option>-?</option>,<option>--help</option>" -msgstr "" +msgstr "<option>-?</option>,<option>--help</option>" #. type: Content of: <varlistentry><listitem><para> #: include/param_help.xml:7 include/param_help_py.xml:7 diff --git a/src/man/po/lv.po b/src/man/po/lv.po new file mode 100644 index 000000000..763a06e65 --- /dev/null +++ b/src/man/po/lv.po @@ -0,0 +1,8278 @@ +# SOME DESCRIPTIVE TITLE +# Copyright (C) YEAR Red Hat +# This file is distributed under the same license as the sssd-docs package. +# +# Translators: +# Kristaps <krkadikis@inbox.lv>, 2012. +msgid "" +msgstr "" +"Project-Id-Version: SSSD\n" +"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" +"PO-Revision-Date: 2012-10-25 17:03+0000\n" +"Last-Translator: Kristaps <krkadikis@inbox.lv>\n" +"Language-Team: Latvian (http://www.transifex.com/projects/p/fedora/language/" +"lv/)\n" +"Language: lv\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : " +"2);\n" + +#. type: Content of: <reference><title> +#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 +#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 +#: sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5 +#: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 +#: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 +#: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 +#: sss_seed.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 +#: sss_ssh_knownhostsproxy.1.xml:5 +msgid "SSSD Manual pages" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 +msgid "sss_groupmod" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 +#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 +#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 +#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 +#: sss_debuglevel.8.xml:11 sss_seed.8.xml:11 +msgid "8" +msgstr "8" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupmod.8.xml:16 +msgid "modify a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupmod.8.xml:21 +msgid "" +"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 +#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 +#: sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30 +#: sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 +#: sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 +#: sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30 +#: sss_seed.8.xml:31 sss_ssh_authorizedkeys.1.xml:30 +#: sss_ssh_knownhostsproxy.1.xml:31 +msgid "DESCRIPTION" +msgstr "APRAKSTS" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupmod.8.xml:32 +msgid "" +"<command>sss_groupmod</command> modifies the group to reflect the changes " +"that are specified on the command line." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 +#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 +#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_seed.8.xml:42 +#: sss_ssh_authorizedkeys.1.xml:75 sss_ssh_knownhostsproxy.1.xml:62 +msgid "OPTIONS" +msgstr "IESPĒJAS" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 +msgid "" +"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupmod.8.xml:48 +msgid "" +"Append this group to groups specified by the <replaceable>GROUPS</" +"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " +"a comma separated list of group names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 +msgid "" +"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupmod.8.xml:62 +msgid "" +"Remove this group from groups specified by the <replaceable>GROUPS</" +"replaceable> parameter." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd.conf.5.xml:10 sssd.conf.5.xml:16 +msgid "sssd.conf" +msgstr "sssd.conf" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 +#: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 +msgid "5" +msgstr "5" + +#. type: Content of: <reference><refentry><refmeta><refmiscinfo> +#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 +#: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 +msgid "File Formats and Conventions" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 +#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17 +msgid "the configuration file for SSSD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:21 +msgid "FILE FORMAT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd.conf.5.xml:29 +#, no-wrap +msgid "" +" <replaceable>[section]</replaceable>\n" +" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n" +" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:24 +msgid "" +"The file has an ini-style syntax and consists of sections and parameters. A " +"section begins with the name of the section in square brackets and continues " +"until the next section begins. An example of section with single and multi-" +"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:36 +msgid "" +"The data types used are string (no quotes needed), integer and bool (with " +"values of <quote>TRUE/FALSE</quote>)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:41 +msgid "" +"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " +"(<quote>;</quote>). Inline comments are not supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:47 +msgid "" +"All sections can have an optional <replaceable>description</replaceable> " +"parameter. Its function is only as a label for the section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:53 +msgid "" +"<filename>sssd.conf</filename> must be a regular file, owned by root and " +"only root may read from or write to the file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:59 +msgid "SPECIAL SECTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:62 +msgid "The [sssd] section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 +msgid "Section parameters" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:73 +msgid "config_file_version (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:76 +msgid "" +"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " +"version 2." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:82 +msgid "services" +msgstr "pakalpojumi" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:85 +msgid "" +"Comma separated list of services that are started when sssd itself starts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:89 +msgid "" +"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase> " +"<phrase condition=\"with_autofs\">, autofs</phrase> <phrase condition=" +"\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</" +"phrase>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 +msgid "reconnection_retries (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 +msgid "" +"Number of times services should attempt to reconnect in the event of a Data " +"Provider crash or restart before they give up" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 +msgid "Default: 3" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:111 +msgid "domains" +msgstr "domēni" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:114 +msgid "" +"A domain is a database containing user information. SSSD can use more " +"domains at the same time, but at least one must be configured or SSSD won't " +"start. This parameter described the list of domains in the order you want " +"them to be queried." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 +msgid "re_expression (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:127 +msgid "" +"Default regular expression that describes how to parse the string containing " +"user name and domain into these components." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:132 +msgid "" +"Each domain can have an individual regular expression configured. For some " +"ID providers there are also default regular expressions. See DOMAIN " +"SECTIONS for more info on these regular expressions." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 +msgid "full_name_format (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:144 +msgid "" +"The default <citerefentry> <refentrytitle>printf</refentrytitle> " +"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " +"how to translate a (name, domain) tuple into a fully qualified name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:152 +msgid "" +"Each domain can have an individual format string configured. see DOMAIN " +"SECTIONS for more info on this option." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:158 +msgid "try_inotify (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:161 +msgid "" +"SSSD monitors the state of resolv.conf to identify when it needs to update " +"its internal DNS resolver. By default, we will attempt to use inotify for " +"this, and will fall back to polling resolv.conf every five seconds if " +"inotify cannot be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:169 +msgid "" +"There are some limited situations where it is preferred that we should skip " +"even trying to use inotify. In these rare cases, this option should be set " +"to 'false'" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:175 +msgid "" +"Default: true on platforms where inotify is supported. False on other " +"platforms." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:179 +msgid "" +"Note: this option will have no effect on platforms where inotify is " +"unavailable. On these platforms, polling will always be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:186 +msgid "krb5_rcache_dir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:189 +msgid "" +"Directory on the filesystem where SSSD should store Kerberos replay cache " +"files." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:193 +msgid "" +"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " +"SSSD to let libkrb5 decide the appropriate location for the replay cache." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:199 +msgid "" +"Default: Distribution-specific and specified at build-time. " +"(__LIBKRB5_DEFAULTS__ if not configured)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:206 +msgid "default_domain_suffix (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:209 +msgid "" +"This string will be used as a default domain name for all names without a " +"domain name component. The main use case is environments where the primary " +"domain is intended for managing host policies and all users are located in a " +"trusted domain. The option allows those users to log in just with their " +"user name without giving a domain name as well." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:219 +msgid "" +"Please note that if this option is set all users from the primary domain " +"have to use their fully qualified name, e.g. user@domain.name, to log in." +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 +#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 +#: include/ldap_id_mapping.xml:156 +msgid "Default: not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:64 +msgid "" +"Individual pieces of SSSD functionality are provided by special SSSD " +"services that are started and stopped together with SSSD. The services are " +"managed by a special service frequently called <quote>monitor</quote>. The " +"<quote>[sssd]</quote> section is used to configure the monitor as well as " +"some other important options like the identity domains. <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:236 +msgid "SERVICES SECTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:238 +msgid "" +"Settings that can be used to configure different services are described in " +"this section. They should reside in the [<replaceable>$NAME</replaceable>] " +"section, for example, for NSS service, the section would be <quote>[nss]</" +"quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:245 +msgid "General service configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:247 +msgid "These options can be used to configure any service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:251 +msgid "debug_level (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:255 +msgid "debug_timestamps (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:258 +msgid "Add a timestamp to the debug messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 +msgid "Default: true" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:266 +msgid "debug_microseconds (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:269 +msgid "Add microseconds to the timestamp in debug messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 +#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 +msgid "Default: false" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:277 +msgid "timeout (integer)" +msgstr "noildze (vesels skaitlis)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:280 +msgid "" +"Timeout in seconds between heartbeats for this service. This is used to " +"ensure that the process is alive and capable of answering requests." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 +msgid "Default: 10" +msgstr "Noklusējuma: 10" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:303 +msgid "fd_limit" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:306 +msgid "" +"This option specifies the maximum number of file descriptors that may be " +"opened at one time by this SSSD process. On systems where SSSD is granted " +"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On " +"systems without this capability, the resulting value will be the lower value " +"of this or the limits.conf \"hard\" limit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:315 +msgid "Default: 8192 (or limits.conf \"hard\" limit)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:320 +msgid "client_idle_timeout" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:323 +msgid "" +"This option specifies the number of seconds that a client of an SSSD process " +"can hold onto a file descriptor without communicating on it. This value is " +"limited in order to avoid resource exhaustion on the system." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "Noklusējuma: 60" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:354 +msgid "NSS configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:356 +msgid "" +"These options can be used to configure the Name Service Switch (NSS) service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:361 +msgid "enum_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:364 +msgid "" +"How many seconds should nss_sss cache enumerations (requests for info about " +"all users)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:368 +msgid "Default: 120" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:373 +msgid "entry_cache_nowait_percentage (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:376 +msgid "" +"The entry cache can be set to automatically update entries in the background " +"if they are requested beyond a percentage of the entry_cache_timeout value " +"for the domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:382 +msgid "" +"For example, if the domain's entry_cache_timeout is set to 30s and " +"entry_cache_nowait_percentage is set to 50 (percent), entries that come in " +"after 15 seconds past the last cache update will be returned immediately, " +"but the SSSD will go and update the cache on its own, so that future " +"requests will not need to block waiting for a cache update." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:392 +msgid "" +"Valid values for this option are 0-99 and represent a percentage of the " +"entry_cache_timeout for each domain. For performance reasons, this " +"percentage will never reduce the nowait timeout to less than 10 seconds. (0 " +"disables this feature)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:400 +msgid "Default: 50" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:405 +msgid "entry_negative_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:408 +msgid "" +"Specifies for how many seconds nss_sss should cache negative cache hits " +"(that is, queries for invalid database entries, like nonexistent ones) " +"before asking the back end again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 +msgid "Default: 15" +msgstr "Noklusējuma: 15" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:419 +msgid "filter_users, filter_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:422 +msgid "" +"Exclude certain users from being fetched from the sss NSS database. This is " +"particularly useful for system accounts. This option can also be set per-" +"domain or include fully-qualified names to filter only users from the " +"particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:429 +msgid "Default: root" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:434 +msgid "filter_users_in_groups (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:437 +msgid "" +"If you want filtered user still be group members set this option to false." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:446 sssd-ad.5.xml:132 +msgid "override_homedir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:455 sssd-ad.5.xml:141 sssd-krb5.5.xml:169 +msgid "%u" +msgstr "%u" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:456 sssd-ad.5.xml:142 sssd-krb5.5.xml:170 +msgid "login name" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:459 sssd-ad.5.xml:145 sssd-krb5.5.xml:173 +msgid "%U" +msgstr "%U" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:460 sssd-ad.5.xml:146 +msgid "UID number" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:463 sssd-ad.5.xml:149 sssd-krb5.5.xml:191 +msgid "%d" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:464 sssd-ad.5.xml:150 +msgid "domain name" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:467 sssd-ad.5.xml:153 +msgid "%f" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:468 sssd-ad.5.xml:154 +msgid "fully qualified user name (user@domain)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203 +msgid "%%" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204 +msgid "a literal '%'" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:449 sssd-ad.5.xml:135 +msgid "" +"Override the user's home directory. You can either provide an absolute value " +"or a template. In the template, the following sequences are substituted: " +"<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:478 sssd-ad.5.xml:164 +msgid "This option can also be set per-domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169 +#, no-wrap +msgid "" +"override_homedir = /home/%u\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191 +msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:487 sssd-ad.5.xml:173 +msgid "Default: Not set (SSSD will use the value retrieved from LDAP)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:493 sssd-ad.5.xml:179 +msgid "fallback_homedir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:496 sssd-ad.5.xml:182 +msgid "" +"Set a default template for a user's home directory if one is not specified " +"explicitly by the domain's data provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:501 sssd-ad.5.xml:187 +msgid "" +"The available values for this option are the same as for override_homedir." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:511 sssd-ad.5.xml:197 +msgid "Default: not set (no substitution for unset home directories)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:517 +msgid "override_shell (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:520 +msgid "" +"Override the login shell for all users. This option can be specified " +"globally in the [nss] section or per-domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:525 +msgid "Default: not set (SSSD will use the value retrieved from LDAP)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:531 +msgid "allowed_shells (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:534 +msgid "" +"Restrict user shell to one of the listed values. The order of evaluation is:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:537 +msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:541 +msgid "" +"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" +"quote>, use the value of the shell_fallback parameter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:546 +msgid "" +"3. If the shell is not in the allowed_shells list and not in <quote>/etc/" +"shells</quote>, a nologin shell is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:551 +msgid "An empty string for shell is passed as-is to libc." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:554 +msgid "" +"The <quote>/etc/shells</quote> is only read on SSSD start up, which means " +"that a restart of the SSSD is required in case a new shell is installed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:558 +msgid "Default: Not set. The user shell is automatically used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:563 +msgid "vetoed_shells (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:566 +msgid "Replace any instance of these shells with the shell_fallback" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:571 +msgid "shell_fallback (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:574 +msgid "" +"The default shell to use if an allowed shell is not installed on the machine." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:578 +msgid "Default: /bin/sh" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:583 sssd-ad.5.xml:203 +msgid "default_shell" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:586 sssd-ad.5.xml:206 +msgid "" +"The default shell to use if the provider does not return one during lookup. " +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 +msgid "" +"Default: not set (Return NULL if no shell is specified and rely on libc to " +"substitute something sensible when necessary, usually /bin/sh)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 +msgid "get_domains_timeout (int)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 +msgid "" +"Specifies time in seconds for which the list of subdomains will be " +"considered valid." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:611 +msgid "memcache_timeout (int)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:614 +msgid "" +"Specifies time in seconds for which records in the in-memory cache will be " +"valid" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 +msgid "Default: 300" +msgstr "Noklusējuma: 300" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:625 +msgid "PAM configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:627 +msgid "" +"These options can be used to configure the Pluggable Authentication Module " +"(PAM) service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:632 +msgid "offline_credentials_expiration (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:635 +msgid "" +"If the authentication provider is offline, how long should we allow cached " +"logins (in days since the last successful online login)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 +msgid "Default: 0 (No limit)" +msgstr "Noklusējuma: 0 (bez ierobežojuma)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:646 +msgid "offline_failed_login_attempts (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:649 +msgid "" +"If the authentication provider is offline, how many failed login attempts " +"are allowed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:659 +msgid "offline_failed_login_delay (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:662 +msgid "" +"The time in minutes which has to pass after offline_failed_login_attempts " +"has been reached before a new login attempt is possible." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:667 +msgid "" +"If set to 0 the user cannot authenticate offline if " +"offline_failed_login_attempts has been reached. Only a successful online " +"authentication can enable offline authentication again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 +msgid "Default: 5" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:679 +msgid "pam_verbosity (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:682 +msgid "" +"Controls what kind of messages are shown to the user during authentication. " +"The higher the number to more messages are displayed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:687 +msgid "Currently sssd supports the following values:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:690 +msgid "<emphasis>0</emphasis>: do not show any message" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:693 +msgid "<emphasis>1</emphasis>: show only important messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:697 +msgid "<emphasis>2</emphasis>: show informational messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:700 +msgid "<emphasis>3</emphasis>: show all messages and debug information" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:704 sssd.8.xml:63 +msgid "Default: 1" +msgstr "Noklusējuma: 1" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:709 +msgid "pam_id_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:712 +msgid "" +"For any PAM request while SSSD is online, the SSSD will attempt to " +"immediately update the cached identity information for the user in order to " +"ensure that authentication takes place with the latest information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:718 +msgid "" +"A complete PAM conversation may perform multiple PAM requests, such as " +"account management and session opening. This option controls (on a per-" +"client-application basis) how long (in seconds) we can cache the identity " +"information to avoid excessive round-trips to the identity provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:732 +msgid "pam_pwd_expiration_warning (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 +msgid "Display a warning N days before the password expires." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:738 +msgid "" +"Please note that the backend server has to provide information about the " +"expiration time of the password. If this information is missing, sssd " +"cannot display a warning." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 +msgid "" +"If zero is set, then this filter is not applied, i.e. if the expiration " +"warning was received from backend server, it will automatically be displayed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:749 +msgid "" +"This setting can be overridden by setting <emphasis>pwd_expiration_warning</" +"emphasis> for a particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:754 sssd.8.xml:79 +msgid "Default: 0" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:774 +msgid "SUDO configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:776 +msgid "These options can be used to configure the sudo service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:780 +msgid "sudo_timed (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:783 +msgid "" +"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " +"that implement time-dependent sudoers entries." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:796 +msgid "AUTOFS configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:798 +msgid "These options can be used to configure the autofs service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:802 +msgid "autofs_negative_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:805 +msgid "" +"Specifies for how many seconds should the autofs responder negative cache " +"hits (that is, queries for invalid map entries, like nonexistent ones) " +"before asking the back end again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:821 +msgid "SSH configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:823 +msgid "These options can be used to configure the SSH service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:827 +msgid "ssh_hash_known_hosts (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:830 +msgid "" +"Whether or not to hash host names and addresses in the managed known_hosts " +"file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:854 +msgid "PAC responder configuration options" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:856 +msgid "" +"The PAC responder works together with the authorization data plugin for MIT " +"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " +"PAC data during a GSSAPI authentication to the PAC responder. The sub-domain " +"provider collects domain SID and ID ranges of the domain the client is " +"joined to and of remote trusted domains from the local domain controller. " +"If the PAC is decoded and evaluated some of the following operations are " +"done:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:865 +msgid "" +"If the remote user does not exist in the cache, it is created. The uid is " +"calculated based on the SID, trusted domains will have UPGs and the gid will " +"have the same value as the uid. The home directory is set based on the " +"subdomain_homedir parameter. The shell will be empty by default, i.e. the " +"system defaults are used, but can be overwritten with the default_shell " +"parameter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:873 +msgid "" +"If there are SIDs of groups from the domain the sssd client belongs to, the " +"user will be added to those groups." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:879 +msgid "These options can be used to configure the PAC responder." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:883 +msgid "allowed_uids (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:886 +msgid "" +"Specifies the comma-separated list of UID values or user names that are " +"allowed to access the PAC responder. User names are resolved to UIDs at " +"startup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:892 +msgid "Default: 0 (only the root user is allowed to access the PAC responder)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:896 +msgid "" +"Please note that although the UID 0 is used as the default it will be " +"overwritten with this option. If you still want to allow the root user to " +"access the PAC responder, which would be the typical case, you have to add 0 " +"to the list of allowed UIDs as well." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:910 +msgid "DOMAIN SECTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:917 +msgid "min_id,max_id (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:920 +msgid "" +"UID and GID limits for the domain. If a domain contains an entry that is " +"outside these limits, it is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:925 +msgid "" +"For users, this affects the primary GID limit. The user will not be returned " +"to NSS if either the UID or the primary GID is outside the range. For non-" +"primary group memberships, those that are in range will be reported as " +"expected." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:932 +msgid "Default: 1 for min_id, 0 (no limit) for max_id" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:938 +msgid "enumerate (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:941 +msgid "" +"Determines if a domain can be enumerated. This parameter can have one of the " +"following values:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:945 +msgid "TRUE = Users and groups are enumerated" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:948 +msgid "FALSE = No enumerations for this domain" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 +msgid "Default: FALSE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:954 +msgid "" +"Note: Enabling enumeration has a moderate performance impact on SSSD while " +"enumeration is running. It may take up to several minutes after SSSD startup " +"to fully complete enumerations. During this time, individual requests for " +"information will go directly to LDAP, though it may be slow, due to the " +"heavy enumeration processing." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:964 +msgid "" +"While the first enumeration is running, requests for the complete user or " +"group lists may return no results until it completes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:969 +msgid "" +"Further, enabling enumeration may increase the time necessary to detect " +"network disconnection, as longer timeouts are required to ensure that " +"enumeration lookups are completed successfully. For more information, refer " +"to the man pages for the specific id_provider in use." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:996 +msgid "entry_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:999 +msgid "" +"How many seconds should nss_sss consider entries valid before asking the " +"backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1003 +msgid "Default: 5400" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1009 +msgid "entry_cache_user_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1012 +msgid "" +"How many seconds should nss_sss consider user entries valid before asking " +"the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 +msgid "Default: entry_cache_timeout" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1022 +msgid "entry_cache_group_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1025 +msgid "" +"How many seconds should nss_sss consider group entries valid before asking " +"the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1035 +msgid "entry_cache_netgroup_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1038 +msgid "" +"How many seconds should nss_sss consider netgroup entries valid before " +"asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1048 +msgid "entry_cache_service_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1051 +msgid "" +"How many seconds should nss_sss consider service entries valid before asking " +"the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1061 +msgid "entry_cache_sudo_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1064 +msgid "" +"How many seconds should sudo consider rules valid before asking the backend " +"again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1074 +msgid "entry_cache_autofs_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1077 +msgid "" +"How many seconds should the autofs service consider automounter maps valid " +"before asking the backend again" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1088 +msgid "cache_credentials (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1091 +msgid "Determines if user credentials are also cached in the local LDB cache" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1095 +msgid "User credentials are stored in a SHA512 hash, not in plaintext" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1104 +msgid "account_cache_expiration (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1107 +msgid "" +"Number of days entries are left in cache after last successful login before " +"being removed during a cleanup of the cache. 0 means keep forever. The " +"value of this parameter must be greater than or equal to " +"offline_credentials_expiration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1114 +msgid "Default: 0 (unlimited)" +msgstr "Noklusējuma: 0 (neierobežots)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1119 +msgid "pwd_expiration_warning (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1130 +msgid "" +"Please note that the backend server has to provide information about the " +"expiration time of the password. If this information is missing, sssd " +"cannot display a warning. Also an auth provider has to be configured for the " +"backend." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1137 +msgid "Default: 7 (Kerberos), 0 (LDAP)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1143 +msgid "id_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1146 +msgid "" +"The identification provider used for the domain. Supported ID providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1150 +msgid "proxy: Support a legacy NSS provider" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1153 +msgid "<quote>local</quote>: SSSD internal provider for local users" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1157 +msgid "" +"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" +"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " +"information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 +msgid "" +"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " +"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " +"FreeIPA." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 +msgid "" +"<quote>ad</quote>: Active Directory provider. See <citerefentry> " +"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more information on configuring Active Directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1185 +msgid "use_fully_qualified_names (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1188 +msgid "" +"Use the full name and domain (as formatted by the domain's full_name_format) " +"as the user's login name reported to NSS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1193 +msgid "" +"If set to TRUE, all requests to this domain must use fully qualified names. " +"For example, if used in LOCAL domain that contains a \"test\" user, " +"<command>getent passwd test</command> wouldn't find the user while " +"<command>getent passwd test@LOCAL</command> would." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1206 +msgid "auth_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1209 +msgid "" +"The authentication provider used for the domain. Supported auth providers " +"are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 +msgid "" +"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1220 +msgid "" +"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more information on configuring Kerberos." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1244 +msgid "" +"<quote>proxy</quote> for relaying authentication to some other PAM target." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1247 +msgid "<quote>none</quote> disables authentication explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1250 +msgid "" +"Default: <quote>id_provider</quote> is used if it is set and can handle " +"authentication requests." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1256 +msgid "access_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1259 +msgid "" +"The access control provider used for the domain. There are two built-in " +"access providers (in addition to any included in installed backends) " +"Internal special providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1265 +msgid "" +"<quote>permit</quote> always allow access. It's the only permitted access " +"provider for a local domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1268 +msgid "<quote>deny</quote> always deny access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1295 +msgid "" +"<quote>simple</quote> access control based on access or deny lists. See " +"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry> for more information on configuring the simple " +"access module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1302 +msgid "Default: <quote>permit</quote>" +msgstr "Noklusējuma: <quote>atļaut</quote>" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1307 +msgid "chpass_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1310 +msgid "" +"The provider which should handle change password operations for the domain. " +"Supported change password providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1315 +msgid "" +"<quote>ldap</quote> to change a password stored in a LDAP server. See " +"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1323 +msgid "" +"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " +"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more information on configuring Kerberos." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1348 +msgid "" +"<quote>proxy</quote> for relaying password changes to some other PAM target." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1352 +msgid "<quote>none</quote> disallows password changes explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1355 +msgid "" +"Default: <quote>auth_provider</quote> is used if it is set and can handle " +"change password requests." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1362 +msgid "sudo_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1365 +msgid "The SUDO provider used for the domain. Supported SUDO providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1369 +msgid "" +"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1376 +msgid "<quote>none</quote> disables SUDO explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 +msgid "Default: The value of <quote>id_provider</quote> is used if it is set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1385 +msgid "selinux_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1388 +msgid "" +"The provider which should handle loading of selinux settings. Note that this " +"provider will be called right after access provider ends. Supported selinux " +"providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1394 +msgid "" +"<quote>ipa</quote> to load selinux settings from an IPA server. See " +"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring IPA." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1402 +msgid "<quote>none</quote> disallows fetching selinux settings explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1405 +msgid "" +"Default: <quote>id_provider</quote> is used if it is set and can handle " +"selinux loading requests." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1411 +msgid "subdomains_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1414 +msgid "" +"The provider which should handle fetching of subdomains. This value should " +"be always the same as id_provider. Supported subdomain providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1420 +msgid "" +"<quote>ipa</quote> to load a list of subdomains from an IPA server. See " +"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring IPA." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1429 +msgid "<quote>none</quote> disallows fetching subdomains explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1440 +msgid "autofs_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1443 +msgid "" +"The autofs provider used for the domain. Supported autofs providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1447 +msgid "" +"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more information on configuring LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1454 +msgid "" +"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " +"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more information on configuring IPA." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1462 +msgid "<quote>none</quote> disables autofs explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1472 +msgid "hostid_provider (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1475 +msgid "" +"The provider used for retrieving host identity information. Supported " +"hostid providers are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1479 +msgid "" +"<quote>ipa</quote> to load host identity stored in an IPA server. See " +"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> for more information on configuring IPA." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1487 +msgid "<quote>none</quote> disables hostid explicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1500 +msgid "" +"Regular expression for this domain that describes how to parse the string " +"containing user name and domain into these components." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1505 +msgid "" +"Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" +"\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" +"P<name>[^@\\\\]+)$))</quote> which allows three different styles for " +"user names:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1510 +msgid "username" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1513 +msgid "username@domain.name" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd.conf.5.xml:1516 +msgid "domain\\username" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1519 +msgid "" +"While the first two correspond to the general default the third one is " +"introduced to allow easy integration of users from Windows domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1524 +msgid "" +"Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " +"which translates to \"the name is everything up to the <quote>@</quote> " +"sign, the domain everything after that\"" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1530 +msgid "" +"PLEASE NOTE: the support for non-unique named subpatterns is not available " +"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " +"version 7 or higher can support non-unique named subpatterns." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1537 +msgid "" +"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" +"P<name>) to label subpatterns." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1547 +msgid "" +"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" +"manvolnum> </citerefentry>-compatible format that describes how to translate " +"a (name, domain) tuple for this domain into a fully qualified name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1555 +msgid "Default: <quote>%1$s@%2$s</quote>." +msgstr "Noklusējuma: <quote>%1$s@%2$s</quote>." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1561 +msgid "lookup_family_order (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1564 +msgid "" +"Provides the ability to select preferred address family to use when " +"performing DNS lookups." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1568 +msgid "Supported values:" +msgstr "Atbalstītās vērtības:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1571 +msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1574 +msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1577 +msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1580 +msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1583 +msgid "Default: ipv4_first" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1589 +msgid "dns_resolver_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1592 +msgid "" +"Defines the amount of time (in seconds) to wait for a reply from the DNS " +"resolver before assuming that it is unreachable. If this timeout is reached, " +"the domain will continue to operate in offline mode." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1604 +msgid "dns_discovery_domain (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1607 +msgid "" +"If service discovery is used in the back end, specifies the domain part of " +"the service discovery DNS query." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1611 +msgid "Default: Use the domain part of machine's hostname" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1617 +msgid "override_gid (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1620 +msgid "Override the primary GID value with the one specified." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1626 +msgid "case_sensitive (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1629 +msgid "" +"Treat user and group names as case sensitive. At the moment, this option is " +"not supported in the local provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1634 +msgid "Default: True" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1640 +msgid "proxy_fast_alias (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1643 +msgid "" +"When a user or group is looked up by name in the proxy provider, a second " +"lookup by ID is performed to \"canonicalize\" the name in case the requested " +"name was an alias. Setting this option to true would cause the SSSD to " +"perform the ID lookup from cache for performance reasons." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1657 +msgid "subdomain_homedir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1660 +msgid "" +"Use this homedir as default value for all subdomains within this domain. See " +"<emphasis>override_homedir</emphasis> for info about possible values." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1665 +msgid "" +"The value can be overridden by <emphasis>override_homedir</emphasis> option." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1669 +msgid "Default: <filename>/home/%d/%u</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:912 +msgid "" +"These configuration options can be present in a domain configuration " +"section, that is, in a section called <quote>[domain/<replaceable>NAME</" +"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1681 +msgid "proxy_pam_target (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1684 +msgid "The proxy target PAM proxies to." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1687 +msgid "" +"Default: not set by default, you have to take an existing pam configuration " +"or create a new one and add the service name here." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1695 +msgid "proxy_lib_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1698 +msgid "" +"The name of the NSS library to use in proxy domains. The NSS functions " +"searched for in the library are in the form of _nss_$(libName)_$(function), " +"for example _nss_files_getpwent." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:1677 +msgid "" +"Options valid for proxy domains. <placeholder type=\"variablelist\" id=" +"\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:1710 +msgid "The local domain section" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:1712 +msgid "" +"This section contains settings for domain that stores users and groups in " +"SSSD native database, that is, a domain that uses " +"<replaceable>id_provider=local</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1719 +msgid "default_shell (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1722 +msgid "The default shell for users created with SSSD userspace tools." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1726 +msgid "Default: <filename>/bin/bash</filename>" +msgstr "Noklusējuma: <filename>/bin/bash</filename>" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1731 +msgid "base_directory (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1734 +msgid "" +"The tools append the login name to <replaceable>base_directory</replaceable> " +"and use that as the home directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1739 +msgid "Default: <filename>/home</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1744 +msgid "create_homedir (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1747 +msgid "" +"Indicate if a home directory should be created by default for new users. " +"Can be overridden on command line." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 +msgid "Default: TRUE" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1756 +msgid "remove_homedir (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1759 +msgid "" +"Indicate if a home directory should be removed by default for deleted " +"users. Can be overridden on command line." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1768 +msgid "homedir_umask (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1771 +msgid "" +"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " +"on a newly created home directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1779 +msgid "Default: 077" +msgstr "Noklusējuma: 077" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1784 +msgid "skel_dir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1787 +msgid "" +"The skeleton directory, which contains files and directories to be copied in " +"the user's home directory, when the home directory is created by " +"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1797 +msgid "Default: <filename>/etc/skel</filename>" +msgstr "Noklusējuma: <filename>/etc/skel</filename>" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1802 +msgid "mail_dir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1805 +msgid "" +"The mail spool directory. This is needed to manipulate the mailbox when its " +"corresponding user account is modified or deleted. If not specified, a " +"default value is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1812 +msgid "Default: <filename>/var/mail</filename>" +msgstr "Noklusējuma: <filename>/var/mail</filename>" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:1817 +msgid "userdel_cmd (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1820 +msgid "" +"The command that is run after a user is removed. The command us passed the " +"username of the user being removed as the first and only parameter. The " +"return code of the command is not taken into account." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1826 +msgid "Default: None, no command is run" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 +msgid "EXAMPLE" +msgstr "PIEMĒRS" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd.conf.5.xml:1842 +#, no-wrap +msgid "" +"[sssd]\n" +"domains = LDAP\n" +"services = nss, pam\n" +"config_file_version = 2\n" +"\n" +"[nss]\n" +"filter_groups = root\n" +"filter_users = root\n" +"\n" +"[pam]\n" +"\n" +"[domain/LDAP]\n" +"id_provider = ldap\n" +"ldap_uri = ldap://ldap.example.com\n" +"ldap_search_base = dc=example,dc=com\n" +"\n" +"auth_provider = krb5\n" +"krb5_server = kerberos.example.com\n" +"krb5_realm = EXAMPLE.COM\n" +"cache_credentials = true\n" +"\n" +"min_id = 10000\n" +"max_id = 20000\n" +"enumerate = False\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:1838 +msgid "" +"The following example shows a typical SSSD config. It does not describe " +"configuration of the domains themselves - refer to documentation on " +"configuring domains for more details. <placeholder type=\"programlisting\" " +"id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 +msgid "sssd-ldap" +msgstr "sssd-ldap" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:23 +msgid "" +"This manual page describes the configuration of LDAP domains for " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> manual page for detailed syntax information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:35 +msgid "You can configure SSSD to use more than one LDAP domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:38 +msgid "" +"LDAP back end supports id, auth, access and chpass providers. If you want to " +"authenticate against an LDAP server either TLS/SSL or LDAPS is required. " +"<command>sssd</command> <emphasis>does not</emphasis> support authentication " +"over an unencrypted channel. If the LDAP server is used only as an identity " +"provider, an encrypted channel is not needed. Please refer to " +"<quote>ldap_access_filter</quote> config option for more information about " +"using LDAP as an access provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 +#: sssd-krb5.5.xml:63 +msgid "CONFIGURATION OPTIONS" +msgstr "KONFIGURĒŠANAS IESPĒJAS" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:60 +msgid "ldap_uri, ldap_backup_uri (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:63 +msgid "" +"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " +"should connect in the order of preference. Refer to the <quote>FAILOVER</" +"quote> section for more information on failover and server redundancy. If " +"neither option is specified, service discovery is enabled. For more " +"information, refer to the <quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:70 +msgid "The format of the URI must match the format defined in RFC 2732:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:73 +msgid "ldap[s]://<host>[:port]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:76 +msgid "" +"For explicit IPv6 addresses, <host> must be enclosed in brackets []" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:79 +msgid "example: ldap://[fc00::126:25]:389" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:85 +msgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:88 +msgid "" +"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " +"should connect in the order of preference to change the password of a user. " +"Refer to the <quote>FAILOVER</quote> section for more information on " +"failover and server redundancy." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:95 +msgid "To enable service discovery ldap_chpass_dns_service_name must be set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:99 +msgid "Default: empty, i.e. ldap_uri is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:105 +msgid "ldap_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:108 +msgid "The default base DN to use for performing LDAP user operations." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:112 +msgid "" +"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the " +"syntax:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:116 +msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:119 +msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:122 +msgid "" +"The filter must be a valid LDAP search filter as specified by http://www." +"ietf.org/rfc/rfc2254.txt" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:126 +msgid "Examples:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:129 +msgid "" +"ldap_search_base = dc=example,dc=com (which is equivalent to) " +"ldap_search_base = dc=example,dc=com?subtree?" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:134 +msgid "" +"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?" +"(host=thishost)?dc=example.com?subtree?" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:137 +msgid "" +"Note: It is unsupported to have multiple search bases which reference " +"identically-named objects (for example, groups with the same name in two " +"different search bases). This will lead to unpredictable behavior on client " +"machines." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:144 +msgid "" +"Default: If not set, the value of the defaultNamingContext or namingContexts " +"attribute from the RootDSE of the LDAP server is used. If " +"defaultNamingContext does not exist or has an empty value namingContexts is " +"used. The namingContexts attribute must have a single value with the DN of " +"the search base of the LDAP server to make this work. Multiple values are " +"are not supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:158 +msgid "ldap_schema (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:161 +msgid "" +"Specifies the Schema Type in use on the target LDAP server. Depending on " +"the selected schema, the default attribute names retrieved from the servers " +"may vary. The way that some attributes are handled may also differ." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:168 +msgid "Four schema types are currently supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:172 +msgid "rfc2307" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:177 +msgid "rfc2307bis" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:182 +msgid "IPA" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:187 +msgid "AD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:193 +msgid "" +"The main difference between these schema types is how group memberships are " +"recorded in the server. With rfc2307, group members are listed by name in " +"the <emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, " +"group members are listed by DN and stored in the <emphasis>member</emphasis> " +"attribute. The AD schema type sets the attributes to correspond with Active " +"Directory 2008r2 values." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:203 +msgid "Default: rfc2307" +msgstr "Noklusējuma: rfc2307" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:209 +msgid "ldap_default_bind_dn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:212 +msgid "The default bind DN to use for performing LDAP operations." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:219 +msgid "ldap_default_authtok_type (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:222 +msgid "The type of the authentication token of the default bind DN." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:226 +msgid "The two mechanisms currently supported are:" +msgstr "Divi pašlaik atbalstītie mehānismi ir:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:229 +msgid "password" +msgstr "parole" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:232 +msgid "obfuscated_password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:235 +msgid "Default: password" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:241 +msgid "ldap_default_authtok (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:244 +msgid "" +"The authentication token of the default bind DN. Only clear text passwords " +"are currently supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:251 +msgid "ldap_user_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:254 +msgid "The object class of a user entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:257 +msgid "Default: posixAccount" +msgstr "Noklusējuma: posixAccount" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:263 +msgid "ldap_user_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:266 +msgid "The LDAP attribute that corresponds to the user's login name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:270 +msgid "Default: uid" +msgstr "Noklusējuma: uid" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:276 +msgid "ldap_user_uid_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:279 +msgid "The LDAP attribute that corresponds to the user's id." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:283 +msgid "Default: uidNumber" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:289 +msgid "ldap_user_gid_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:292 +msgid "The LDAP attribute that corresponds to the user's primary group id." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778 +msgid "Default: gidNumber" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:302 +msgid "ldap_user_gecos (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:305 +msgid "The LDAP attribute that corresponds to the user's gecos field." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:309 +msgid "Default: gecos" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:315 +msgid "ldap_user_home_directory (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:318 +msgid "The LDAP attribute that contains the name of the user's home directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:322 +msgid "Default: homeDirectory" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:328 +msgid "ldap_user_shell (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:331 +msgid "The LDAP attribute that contains the path to the user's default shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:335 +msgid "Default: loginShell" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:341 +msgid "ldap_user_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:344 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990 +msgid "Default: nsUniqueId" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:354 +msgid "ldap_user_objectsid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:357 +msgid "" +"The LDAP attribute that contains the objectSID of an LDAP user object. This " +"is usually only necessary for ActiveDirectory servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818 +msgid "Default: objectSid for ActiveDirectory, not set for other servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:369 +msgid "ldap_user_modify_timestamp (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999 +msgid "" +"The LDAP attribute that contains timestamp of the last modification of the " +"parent object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006 +msgid "Default: modifyTimestamp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:382 +msgid "ldap_user_shadow_last_change (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:385 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of " +"the last password change)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:395 +msgid "Default: shadowLastChange" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:401 +msgid "ldap_user_shadow_min (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:404 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum " +"password age)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:413 +msgid "Default: shadowMin" +msgstr "Noklusējuma: shadowMin" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:419 +msgid "ldap_user_shadow_max (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:422 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum " +"password age)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:431 +msgid "Default: shadowMax" +msgstr "Noklusējuma: shadowMax" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:437 +msgid "ldap_user_shadow_warning (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:440 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " +"(password warning period)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:450 +msgid "Default: shadowWarning" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:456 +msgid "ldap_user_shadow_inactive (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:459 +msgid "" +"When using ldap_pwd_policy=shadow, this parameter contains the name of an " +"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart " +"(password inactivity period)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:469 +msgid "Default: shadowInactive" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:475 +msgid "ldap_user_shadow_expire (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:478 +msgid "" +"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " +"parameter contains the name of an LDAP attribute corresponding to its " +"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> counterpart (account expiration date)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:488 +msgid "Default: shadowExpire" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:494 +msgid "ldap_user_krb_last_pwd_change (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:497 +msgid "" +"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " +"an LDAP attribute storing the date and time of last password change in " +"kerberos." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:503 +msgid "Default: krbLastPwdChange" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:509 +msgid "ldap_user_krb_password_expiration (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:512 +msgid "" +"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " +"an LDAP attribute storing the date and time when current password expires." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:518 +msgid "Default: krbPasswordExpiration" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:524 +msgid "ldap_user_ad_account_expires (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:527 +msgid "" +"When using ldap_account_expire_policy=ad, this parameter contains the name " +"of an LDAP attribute storing the expiration time of the account." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:532 +msgid "Default: accountExpires" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:538 +msgid "ldap_user_ad_user_account_control (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:541 +msgid "" +"When using ldap_account_expire_policy=ad, this parameter contains the name " +"of an LDAP attribute storing the user account control bit field." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:546 +msgid "Default: userAccountControl" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:552 +msgid "ldap_ns_account_lock (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:555 +msgid "" +"When using ldap_account_expire_policy=rhds or equivalent, this parameter " +"determines if access is allowed or not." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:560 +msgid "Default: nsAccountLock" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:566 +msgid "ldap_user_nds_login_disabled (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:569 +msgid "" +"When using ldap_account_expire_policy=nds, this attribute determines if " +"access is allowed or not." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587 +msgid "Default: loginDisabled" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:579 +msgid "ldap_user_nds_login_expiration_time (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:582 +msgid "" +"When using ldap_account_expire_policy=nds, this attribute determines until " +"which date access is granted." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:593 +msgid "ldap_user_nds_login_allowed_time_map (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:596 +msgid "" +"When using ldap_account_expire_policy=nds, this attribute determines the " +"hours of a day in a week when access is granted." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:601 +msgid "Default: loginAllowedTimeMap" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:607 +msgid "ldap_user_principal (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:610 +msgid "" +"The LDAP attribute that contains the user's Kerberos User Principal Name " +"(UPN)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:614 +msgid "Default: krbPrincipalName" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:620 +msgid "ldap_user_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:623 +msgid "The LDAP attribute that contains the user's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:630 +msgid "ldap_force_upper_case_realm (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:633 +msgid "" +"Some directory servers, for example Active Directory, might deliver the " +"realm part of the UPN in lower case, which might cause the authentication to " +"fail. Set this option to a non-zero value if you want to use an upper-case " +"realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:646 +msgid "ldap_enumeration_refresh_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:649 +msgid "" +"Specifies how many seconds SSSD has to wait before refreshing its cache of " +"enumerated records." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:660 +msgid "ldap_purge_cache_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:663 +msgid "" +"Determine how often to check the cache for inactive entries (such as groups " +"with no members and users who have never logged in) and remove them to save " +"space." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:669 +msgid "Setting this option to zero will disable the cache cleanup operation." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:673 +msgid "Default: 10800 (12 hours)" +msgstr "Noklusējuma: 10800 (12 stundas)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:679 +msgid "ldap_user_fullname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:682 +msgid "The LDAP attribute that corresponds to the user's full name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 +msgid "Default: cn" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:692 +msgid "ldap_user_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:695 +msgid "The LDAP attribute that lists the user's group memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 +msgid "Default: memberOf" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:705 +msgid "ldap_user_authorized_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:708 +msgid "" +"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " +"use the presence of the authorizedService attribute in the user's LDAP entry " +"to determine access privilege." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:715 +msgid "" +"An explicit deny (!svc) is resolved first. Second, SSSD searches for " +"explicit allow (svc) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:720 +msgid "Default: authorizedService" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:726 +msgid "ldap_user_authorized_host (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:729 +msgid "" +"If access_provider=ldap and ldap_access_order=host, SSSD will use the " +"presence of the host attribute in the user's LDAP entry to determine access " +"privilege." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:735 +msgid "" +"An explicit deny (!host) is resolved first. Second, SSSD searches for " +"explicit allow (host) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:740 +msgid "Default: host" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:746 +msgid "ldap_group_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:749 +msgid "The object class of a group entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:752 +msgid "Default: posixGroup" +msgstr "Noklusējuma: posixGroup" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:758 +msgid "ldap_group_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:761 +msgid "The LDAP attribute that corresponds to the group name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:771 +msgid "ldap_group_gid_number (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:774 +msgid "The LDAP attribute that corresponds to the group's id." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:784 +msgid "ldap_group_member (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:787 +msgid "The LDAP attribute that contains the names of the group's members." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:791 +msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:797 +msgid "ldap_group_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:800 +msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:810 +msgid "ldap_group_objectsid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:813 +msgid "" +"The LDAP attribute that contains the objectSID of an LDAP group object. This " +"is usually only necessary for ActiveDirectory servers." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:825 +msgid "ldap_group_modify_timestamp (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:838 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:841 +msgid "" +"If ldap_schema is set to a schema format that supports nested groups (e.g. " +"RFC2307bis), then this option controls how many levels of nesting SSSD will " +"follow. This option has no effect on the RFC2307 schema." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:848 +msgid "Default: 2" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:854 +msgid "ldap_groups_use_matching_rule_in_chain" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:857 +msgid "" +"This option tells SSSD to take advantage of an Active Directory-specific " +"feature which may speed up group lookup operations on deployments with " +"complex or deep nested groups." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:863 +msgid "" +"In most common cases, it is best to leave this option disabled. It generally " +"only provides a performance increase on very complex nestings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895 +msgid "" +"If this option is enabled, SSSD will use it if it detects that the server " +"supports it during initial connection. So \"True\" here essentially means " +"\"auto-detect\"." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901 +msgid "" +"Note: This feature is currently known to work only with Active Directory " +"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" +"windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> " +"for more details." +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 +msgid "Default: False" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:886 +msgid "ldap_initgroups_use_matching_rule_in_chain" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:889 +msgid "" +"This option tells SSSD to take advantage of an Active Directory-specific " +"feature which might speed up initgroups operations (most notably when " +"dealing with complex or deep nested groups)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:913 +msgid "ldap_netgroup_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:916 +msgid "The object class of a netgroup entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:919 +msgid "In IPA provider, ipa_netgroup_object_class should be used instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:923 +msgid "Default: nisNetgroup" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:929 +msgid "ldap_netgroup_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:932 +msgid "The LDAP attribute that corresponds to the netgroup name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:936 +msgid "In IPA provider, ipa_netgroup_name should be used instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:946 +msgid "ldap_netgroup_member (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:949 +msgid "The LDAP attribute that contains the names of the netgroup's members." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:953 +msgid "In IPA provider, ipa_netgroup_member should be used instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:957 +msgid "Default: memberNisNetgroup" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:963 +msgid "ldap_netgroup_triple (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:966 +msgid "" +"The LDAP attribute that contains the (host, user, domain) netgroup triples." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003 +msgid "This option is not available in IPA provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:973 +msgid "Default: nisNetgroupTriple" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:979 +msgid "ldap_netgroup_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:982 +msgid "" +"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:986 +msgid "In IPA provider, ipa_netgroup_uuid should be used instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:996 +msgid "ldap_netgroup_modify_timestamp (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1012 +msgid "ldap_service_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1015 +msgid "The object class of a service entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1018 +msgid "Default: ipService" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1024 +msgid "ldap_service_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1027 +msgid "" +"The LDAP attribute that contains the name of service attributes and their " +"aliases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1037 +msgid "ldap_service_port (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1040 +msgid "The LDAP attribute that contains the port managed by this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1044 +msgid "Default: ipServicePort" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1050 +msgid "ldap_service_proto (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1053 +msgid "" +"The LDAP attribute that contains the protocols understood by this service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1057 +msgid "Default: ipServiceProtocol" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1063 +msgid "ldap_service_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1068 +msgid "ldap_search_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1071 +msgid "" +"Specifies the timeout (in seconds) that ldap searches are allowed to run " +"before they are cancelled and cached results are returned (and offline mode " +"is entered)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1077 +msgid "" +"Note: this option is subject to change in future versions of the SSSD. It " +"will likely be replaced at some point by a series of timeouts for specific " +"lookup types." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140 +msgid "Default: 6" +msgstr "Noklusējuma: 6" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1089 +msgid "ldap_enumeration_search_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1092 +msgid "" +"Specifies the timeout (in seconds) that ldap searches for user and group " +"enumerations are allowed to run before they are cancelled and cached results " +"are returned (and offline mode is entered)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1105 +msgid "ldap_network_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1108 +msgid "" +"Specifies the timeout (in seconds) after which the <citerefentry> " +"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" +"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</" +"manvolnum> </citerefentry> following a <citerefentry> " +"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </" +"citerefentry> returns in case of no activity." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1131 +msgid "ldap_opt_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1134 +msgid "" +"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " +"will abort if no response is received. Also controls the timeout when " +"communicating with the KDC in case of SASL bind." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1146 +msgid "ldap_connection_expire_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1149 +msgid "" +"Specifies a timeout (in seconds) that a connection to an LDAP server will be " +"maintained. After this time, the connection will be re-established. If used " +"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. " +"the TGT lifetime) will be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 +msgid "Default: 900 (15 minutes)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1163 +msgid "ldap_page_size (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1166 +msgid "" +"Specify the number of records to retrieve from LDAP in a single request. " +"Some LDAP servers enforce a maximum limit per-request." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1171 +msgid "Default: 1000" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1177 +msgid "ldap_disable_paging (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1180 +msgid "" +"Disable the LDAP paging control. This option should be used if the LDAP " +"server reports that it supports the LDAP paging control in its RootDSE but " +"it is not enabled or does not behave properly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1186 +msgid "" +"Example: OpenLDAP servers with the paging control module installed on the " +"server but not enabled will report it in the RootDSE but be unable to use it." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1192 +msgid "" +"Example: 389 DS has a bug where it can only support a one paging control at " +"a time on a single connection. On busy clients, this can result in some " +"requests being denied." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1204 +msgid "ldap_sasl_minssf (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1207 +msgid "" +"When communicating with an LDAP server using SASL, specify the minimum " +"security level necessary to establish the connection. The values of this " +"option are defined by OpenLDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1213 +msgid "Default: Use the system default (usually specified by ldap.conf)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1220 +msgid "ldap_deref_threshold (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1223 +msgid "" +"Specify the number of group members that must be missing from the internal " +"cache in order to trigger a dereference lookup. If less members are missing, " +"they are looked up individually." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1229 +msgid "" +"You can turn off dereference lookups completely by setting the value to 0." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1233 +msgid "" +"A dereference lookup is a means of fetching all group members in a single " +"LDAP call. Different LDAP servers may implement different dereference " +"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active " +"Directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1241 +msgid "" +"<emphasis>Note:</emphasis> If any of the search bases specifies a search " +"filter, then the dereference lookup performance enhancement will be disabled " +"regardless of this setting." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1254 +msgid "ldap_tls_reqcert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1257 +msgid "" +"Specifies what checks to perform on server certificates in a TLS session, if " +"any. It can be specified as one of the following values:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1263 +msgid "" +"<emphasis>never</emphasis> = The client will not request or check any server " +"certificate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1267 +msgid "" +"<emphasis>allow</emphasis> = The server certificate is requested. If no " +"certificate is provided, the session proceeds normally. If a bad certificate " +"is provided, it will be ignored and the session proceeds normally." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1274 +msgid "" +"<emphasis>try</emphasis> = The server certificate is requested. If no " +"certificate is provided, the session proceeds normally. If a bad certificate " +"is provided, the session is immediately terminated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1280 +msgid "" +"<emphasis>demand</emphasis> = The server certificate is requested. If no " +"certificate is provided, or a bad certificate is provided, the session is " +"immediately terminated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1286 +msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1290 +msgid "Default: hard" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1296 +msgid "ldap_tls_cacert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1299 +msgid "" +"Specifies the file that contains certificates for all of the Certificate " +"Authorities that <command>sssd</command> will recognize." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363 +msgid "" +"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." +"conf</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1311 +msgid "ldap_tls_cacertdir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1314 +msgid "" +"Specifies the path of a directory that contains Certificate Authority " +"certificates in separate individual files. Typically the file names need to " +"be the hash of the certificate followed by '.0'. If available, " +"<command>cacertdir_rehash</command> can be used to create the correct names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1329 +msgid "ldap_tls_cert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1332 +msgid "Specifies the file that contains the certificate for the client's key." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1342 +msgid "ldap_tls_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1345 +msgid "Specifies the file that contains the client's key." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1354 +msgid "ldap_tls_cipher_suite (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1357 +msgid "" +"Specifies acceptable cipher suites. Typically this is a colon sperated " +"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> for format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1370 +msgid "ldap_id_use_start_tls (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1373 +msgid "" +"Specifies that the id_provider connection must also use <systemitem class=" +"\"protocol\">tls</systemitem> to protect the channel." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1383 +msgid "ldap_id_mapping (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1386 +msgid "" +"Specifies that SSSD should attempt to map user and group IDs from the " +"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " +"on ldap_user_uid_number and ldap_group_gid_number." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1392 +msgid "Currently this feature supports only ActiveDirectory objectSID mapping." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1402 +msgid "ldap_sasl_mech (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1405 +msgid "" +"Specify the SASL mechanism to use. Currently only GSSAPI is tested and " +"supported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1415 +msgid "ldap_sasl_authid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1418 +msgid "" +"Specify the SASL authorization id to use. When GSSAPI is used, this " +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1426 +msgid "Default: host/hostname@REALM" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1432 +msgid "ldap_sasl_realm (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 +msgid "ldap_sasl_canonicalize (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1450 +msgid "" +"If set to true, the LDAP library would perform a reverse lookup to " +"canonicalize the host name during a SASL bind." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1455 +msgid "Default: false;" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1461 +msgid "ldap_krb5_keytab (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1464 +msgid "Specify the keytab to use when using SASL/GSSAPI." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1467 +msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1473 +msgid "ldap_krb5_init_creds (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1476 +msgid "" +"Specifies that the id_provider should init Kerberos credentials (TGT). This " +"action is performed only if SASL is used and the mechanism selected is " +"GSSAPI." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1488 +msgid "ldap_krb5_ticket_lifetime (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1491 +msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1495 +msgid "Default: 86400 (24 hours)" +msgstr "Noklusējuma: 86400 (24 stundas)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 +msgid "krb5_server, krb5_backup_server (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1504 +msgid "" +"Specifies the comma-separated list of IP addresses or hostnames of the " +"Kerberos servers to which SSSD should connect in the order of preference. " +"For more information on failover and server redundancy, see the " +"<quote>FAILOVER</quote> section. An optional port number (preceded by a " +"colon) may be appended to the addresses or hostnames. If empty, service " +"discovery is enabled - for more information, refer to the <quote>SERVICE " +"DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 +msgid "" +"When using service discovery for KDC or kpasswd servers, SSSD first searches " +"for DNS entries that specify _udp as the protocol and falls back to _tcp if " +"none are found." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 +msgid "" +"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " +"While the legacy name is recognized for the time being, users are advised to " +"migrate their config files to use <quote>krb5_server</quote> instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 +msgid "krb5_realm (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1533 +msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1536 +msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 +msgid "krb5_canonicalize (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1545 +msgid "" +"Specifies if the host principal should be canonicalized when connecting to " +"LDAP server. This feature is available with MIT Kerberos >= 1.7" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1557 +msgid "ldap_pwd_policy (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1560 +msgid "" +"Select the policy to evaluate the password expiration on the client side. " +"The following values are allowed:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1565 +msgid "" +"<emphasis>none</emphasis> - No evaluation on the client side. This option " +"cannot disable server-side password policies." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1570 +msgid "" +"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" +"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " +"evaluate if the password has expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1576 +msgid "" +"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " +"to determine if the password has expired. Use chpass_provider=krb5 to update " +"these attributes when the password is changed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1588 +msgid "ldap_referrals (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1591 +msgid "Specifies whether automatic referral chasing should be enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1595 +msgid "" +"Please note that sssd only supports referral chasing when it is compiled " +"with OpenLDAP version 2.4.13 or higher." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1600 +msgid "" +"Chasing referrals may incur a performance penalty in environments that use " +"them heavily, a notable example is Microsoft Active Directory. If your setup " +"does not in fact require the use of referrals, setting this option to false " +"might bring a noticeable performance improvement." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1614 +msgid "ldap_dns_service_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1617 +msgid "Specifies the service name to use when service discovery is enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1621 +msgid "Default: ldap" +msgstr "Noklusējuma: ldap" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1627 +msgid "ldap_chpass_dns_service_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1630 +msgid "" +"Specifies the service name to use to find an LDAP server which allows " +"password changes when service discovery is enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1635 +msgid "Default: not set, i.e. service discovery is disabled" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1641 +msgid "ldap_chpass_update_last_change (bool)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1644 +msgid "" +"Specifies whether to update the ldap_user_shadow_last_change attribute with " +"days since the Epoch after a password change operation." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1656 +msgid "ldap_access_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1659 +msgid "" +"If using access_provider = ldap and ldap_access_order = filter (default), " +"this option is mandatory. It specifies an LDAP search filter criteria that " +"must be met for the user to be granted access on this host. If " +"access_provider = ldap, ldap_access_order = filter and this option is not " +"set, it will result in all users being denied access. Use access_provider = " +"permit to change this default behavior." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 +msgid "Example:" +msgstr "Piemērs:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1674 +#, no-wrap +msgid "" +"access_provider = ldap\n" +"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1678 +msgid "" +"This example means that access to this host is restricted to members of the " +"\"allowedusers\" group in ldap." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1683 +msgid "" +"Offline caching for this feature is limited to determining whether the " +"user's last online login was granted access permission. If they were granted " +"access during their last login, they will continue to be granted access " +"while offline and vice-versa." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 +msgid "Default: Empty" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1697 +msgid "ldap_account_expire_policy (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1700 +msgid "" +"With this option a client side evaluation of access control attributes can " +"be enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1704 +msgid "" +"Please note that it is always recommended to use server side access control, " +"i.e. the LDAP server should deny the bind request with a suitable error code " +"even if the password is correct." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1711 +msgid "The following values are allowed:" +msgstr "Atļautas šādas vērtības:" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1714 +msgid "" +"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " +"determine if the account is expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1719 +msgid "" +"<emphasis>ad</emphasis>: use the value of the 32bit field " +"ldap_user_ad_user_account_control and allow access if the second bit is not " +"set. If the attribute is missing access is granted. Also the expiration time " +"of the account is checked." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1726 +msgid "" +"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" +"emphasis>: use the value of ldap_ns_account_lock to check if access is " +"allowed or not." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1732 +msgid "" +"<emphasis>nds</emphasis>: the values of " +"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " +"ldap_user_nds_login_expiration_time are used to check if access is allowed. " +"If both attributes are missing access is granted." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1747 +msgid "ldap_access_order (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1750 +msgid "Comma separated list of access control options. Allowed values are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1754 +msgid "<emphasis>filter</emphasis>: use ldap_access_filter" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1757 +msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1761 +msgid "" +"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " +"to determine access" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1766 +msgid "<emphasis>host</emphasis>: use the host attribute to determine access" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1770 +msgid "Default: filter" +msgstr "Noklusējuma: filtrēt" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1773 +msgid "" +"Please note that it is a configuration error if a value is used more than " +"once." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1780 +msgid "ldap_deref (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1783 +msgid "" +"Specifies how alias dereferencing is done when performing a search. The " +"following options are allowed:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1788 +msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1792 +msgid "" +"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " +"the base object, but not in locating the base object of the search." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1797 +msgid "" +"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " +"the base object of the search." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1802 +msgid "" +"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " +"in locating the base object of the search." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1807 +msgid "" +"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " +"client libraries)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:51 +msgid "" +"All of the common configuration options that apply to SSSD domains also " +"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " +"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> manual page for full details. <placeholder type=" +"\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1818 +msgid "SUDO OPTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1822 +msgid "ldap_sudorule_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1825 +msgid "The object class of a sudo rule entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1828 +msgid "Default: sudoRole" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1834 +msgid "ldap_sudorule_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1837 +msgid "The LDAP attribute that corresponds to the sudo rule name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1847 +msgid "ldap_sudorule_command (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1850 +msgid "The LDAP attribute that corresponds to the command name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1854 +msgid "Default: sudoCommand" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1860 +msgid "ldap_sudorule_host (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1863 +msgid "" +"The LDAP attribute that corresponds to the host name (or host IP address, " +"host IP network, or host netgroup)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1868 +msgid "Default: sudoHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1874 +msgid "ldap_sudorule_user (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1877 +msgid "" +"The LDAP attribute that corresponds to the user name (or UID, group name or " +"user's netgroup)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1881 +msgid "Default: sudoUser" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1887 +msgid "ldap_sudorule_option (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1890 +msgid "The LDAP attribute that corresponds to the sudo options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1894 +msgid "Default: sudoOption" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1900 +msgid "ldap_sudorule_runasuser (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1903 +msgid "" +"The LDAP attribute that corresponds to the user name that commands may be " +"run as." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1907 +msgid "Default: sudoRunAsUser" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1913 +msgid "ldap_sudorule_runasgroup (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1916 +msgid "" +"The LDAP attribute that corresponds to the group name or group GID that " +"commands may be run as." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1920 +msgid "Default: sudoRunAsGroup" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1926 +msgid "ldap_sudorule_notbefore (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1929 +msgid "" +"The LDAP attribute that corresponds to the start date/time for when the sudo " +"rule is valid." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1933 +msgid "Default: sudoNotBefore" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1939 +msgid "ldap_sudorule_notafter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1942 +msgid "" +"The LDAP attribute that corresponds to the expiration date/time, after which " +"the sudo rule will no longer be valid." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1947 +msgid "Default: sudoNotAfter" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1953 +msgid "ldap_sudorule_order (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1956 +msgid "The LDAP attribute that corresponds to the ordering index of the rule." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1960 +msgid "Default: sudoOrder" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1966 +msgid "ldap_sudo_full_refresh_interval (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1969 +msgid "" +"How many seconds SSSD will wait between executing a full refresh of sudo " +"rules (which downloads all rules that are stored on the server)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1974 +msgid "" +"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" +"emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1979 +msgid "Default: 21600 (6 hours)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1985 +msgid "ldap_sudo_smart_refresh_interval (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1988 +msgid "" +"How many seconds SSSD has to wait before executing a smart refresh of sudo " +"rules (which downloads all rules that have USN higher than the highest USN " +"of cached rules)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1994 +msgid "" +"If USN attributes are not supported by the server, the modifyTimestamp " +"attribute is used instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2004 +msgid "ldap_sudo_use_host_filter (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2007 +msgid "" +"If true, SSSD will download only rules that are applicable to this machine " +"(using the IPv4 or IPv6 host/network addresses and hostnames)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2018 +msgid "ldap_sudo_hostnames (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2021 +msgid "" +"Space separated list of hostnames or fully qualified domain names that " +"should be used to filter the rules." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2026 +msgid "" +"If this option is empty, SSSD will try to discover the hostname and the " +"fully qualified domain name automatically." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 +msgid "" +"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" +"emphasis> then this option has no effect." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 +msgid "Default: not specified" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2042 +msgid "ldap_sudo_ip (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2045 +msgid "" +"Space separated list of IPv4 or IPv6 host/network addresses that should be " +"used to filter the rules." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2050 +msgid "" +"If this option is empty, SSSD will try to discover the addresses " +"automatically." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2065 +msgid "ldap_sudo_include_netgroups (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2068 +msgid "" +"If true then SSSD will download every rule that contains a netgroup in " +"sudoHost attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2083 +msgid "ldap_sudo_include_regexp (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2086 +msgid "" +"If true then SSSD will download every rule that contains a regular " +"expression in sudoHost attribute." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1820 +msgid "<placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:2102 +msgid "" +"This manual page only describes attribute name mapping. For detailed " +"explanation of sudo related attribute semantics, see <citerefentry> " +"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </" +"citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:2112 +msgid "AUTOFS OPTIONS" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:2114 +msgid "" +"Please note that the default values correspond to the default schema which " +"is RFC2307." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2120 +msgid "ldap_autofs_map_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 +msgid "The object class of an automount map entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 +msgid "Default: automountMap" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2133 +msgid "ldap_autofs_map_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2136 +msgid "The name of an automount map entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2139 +msgid "Default: ou" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2146 +msgid "ldap_autofs_entry_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2160 +msgid "ldap_autofs_entry_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 +msgid "" +"The key of an automount entry in LDAP. The entry usually corresponds to a " +"mount point." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2174 +msgid "ldap_autofs_entry_value (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2181 +msgid "Default: automountInformation" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:2118 +msgid "" +"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" +"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " +"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type=" +"\"variablelist\" id=\"4\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:2191 +msgid "ADVANCED OPTIONS" +msgstr "PAPLAŠINĀTĀS IESPĒJAS" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2198 +msgid "ldap_netgroup_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2203 +msgid "ldap_user_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2208 +msgid "ldap_group_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2213 +msgid "ldap_user_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2216 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict user searches." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2220 +msgid "" +"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " +"by ldap_user_search_base." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:2230 +#, no-wrap +msgid "" +" ldap_user_search_filter = (loginShell=/bin/tcsh)\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2233 +msgid "" +"This filter would restrict user searches to users that have their shell set " +"to /bin/tcsh." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2240 +msgid "ldap_group_search_filter (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2243 +msgid "" +"This option specifies an additional LDAP search filter criteria that " +"restrict group searches." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:2247 +msgid "" +"This option is <emphasis>deprecated</emphasis> in favor of the syntax used " +"by ldap_group_search_base." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2257 +msgid "ldap_sudo_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:2262 +msgid "ldap_autofs_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:2193 +msgid "" +"These options are supported by LDAP domains, but they should be used with " +"caution. Please include them in your configuration only if you know what you " +"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:2279 +msgid "" +"The following example assumes that SSSD is correctly configured and LDAP is " +"set to one of the domains in the <replaceable>[domains]</replaceable> " +"section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ldap.5.xml:2285 +#, no-wrap +msgid "" +" [domain/LDAP]\n" +" id_provider = ldap\n" +" auth_provider = ldap\n" +" ldap_uri = ldap://ldap.mydomain.org\n" +" ldap_search_base = dc=mydomain,dc=org\n" +" ldap_tls_reqcert = demand\n" +" cache_credentials = true\n" +" enumerate = true\n" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 +msgid "<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +msgid "NOTES" +msgstr "PIEZĪMES" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:2300 +msgid "" +"The descriptions of some of the configuration options in this manual page " +"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 " +"distribution." +msgstr "" + +#. type: Content of: <refentryinfo> +#: pam_sss.8.xml:8 include/upstream.xml:2 +msgid "" +"<productname>SSSD</productname> <orgname>The SSSD upstream - http://" +"fedorahosted.org/sssd</orgname>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: pam_sss.8.xml:13 pam_sss.8.xml:18 +msgid "pam_sss" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: pam_sss.8.xml:19 +msgid "PAM module for SSSD" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: pam_sss.8.xml:24 +msgid "" +"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</" +"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</" +"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</" +"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</" +"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:45 +msgid "" +"<command>pam_sss.so</command> is the PAM interface to the System Security " +"Services daemon (SSSD). Errors and results are logged through <command>syslog" +"(3)</command> with the LOG_AUTHPRIV facility." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:55 +msgid "<option>quiet</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:58 +msgid "Suppress log messages for unknown users." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:63 +msgid "<option>forward_pass</option>" +msgstr "<option>forward_pass</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:66 +msgid "" +"If <option>forward_pass</option> is set the entered password is put on the " +"stack for other PAM modules to use." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:73 +msgid "<option>use_first_pass</option>" +msgstr "<option>use_first_pass</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:76 +msgid "" +"The argument use_first_pass forces the module to use a previous stacked " +"modules password and will never prompt the user - if no password is " +"available or the password is not appropriate, the user will be denied access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:84 +msgid "<option>use_authtok</option>" +msgstr "<option>use_authtok</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:87 +msgid "" +"When password changing enforce the module to set the new password to the one " +"provided by a previously stacked password module." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: pam_sss.8.xml:94 +msgid "<option>retry=N</option>" +msgstr "<option>retry=N</option>" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:97 +msgid "" +"If specified the user is asked another N times for a password if " +"authentication fails. Default is 0." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: pam_sss.8.xml:99 +msgid "" +"Please note that this option might not work as expected if the application " +"calling PAM handles the user dialog on its own. A typical example is " +"<command>sshd</command> with <option>PasswordAuthentication</option>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:110 +msgid "MODULE TYPES PROVIDED" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:111 +msgid "" +"All module types (<option>account</option>, <option>auth</option>, " +"<option>password</option> and <option>session</option>) are provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: pam_sss.8.xml:117 +msgid "FILES" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:118 +msgid "" +"If a password reset by root fails, because the corresponding SSSD provider " +"does not support password resets, an individual message can be displayed. " +"This message can e.g. contain instructions about how to reset a password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:123 +msgid "" +"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</" +"filename> where LOC stands for a locale string returned by <citerefentry> " +"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </" +"citerefentry>. If there is no matching file the content of " +"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be " +"the owner of the files and only root may have read and write permissions " +"while all other users must have only read permissions." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: pam_sss.8.xml:133 +msgid "" +"These files are searched in the directory <filename>/etc/sssd/customize/" +"DOMAIN_NAME/</filename>. If no matching file is present a generic message is " +"displayed." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 +msgid "sssd_krb5_locator_plugin" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:22 +msgid "" +"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " +"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos " +"libraries what Realm and which KDC to use. Typically this is done in " +"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> which is always read by the Kerberos libraries. " +"To simplify the configuration the Realm and the KDC can be defined in " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> as described in <citerefentry> " +"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:48 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry> puts the Realm and the name or IP address of the KDC into " +"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " +"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " +"libraries it reads and evaluates these variables and returns them to the " +"libraries." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:63 +msgid "" +"Not all Kerberos implementations support the use of plugins. If " +"<command>sssd_krb5_locator_plugin</command> is not available on your system " +"you have to edit /etc/krb5.conf to reflect your Kerberos setup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd_krb5_locator_plugin.8.xml:69 +msgid "" +"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " +"debug messages will be sent to stderr." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-simple.5.xml:10 sssd-simple.5.xml:16 +msgid "sssd-simple" +msgstr "sssd-simple" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd-simple.5.xml:17 +msgid "the configuration file for SSSD's 'simple' access-control provider" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:24 +msgid "" +"This manual page describes the configuration of the simple access-control " +"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, " +"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:38 +msgid "" +"The simple access provider grants or denies access based on an access or " +"deny list of user or group names. The following rules apply:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:43 +msgid "If all lists are empty, access is granted" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:47 +msgid "" +"If any list is provided, the order of evaluation is allow,deny. This means " +"that any matching deny rule will supersede any matched allow rule." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:54 +msgid "" +"If either or both \"allow\" lists are provided, all users are denied unless " +"they appear in the list." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:60 +msgid "" +"If only \"deny\" lists are provided, all users are granted access unless " +"they appear in the list." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:78 +msgid "simple_allow_users (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:81 +msgid "Comma separated list of users who are allowed to log in." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:88 +msgid "simple_deny_users (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:91 +msgid "Comma separated list of users who are explicitly denied access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:97 +msgid "simple_allow_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:100 +msgid "" +"Comma separated list of groups that are allowed to log in. This applies only " +"to groups within this SSSD domain. Local groups are not evaluated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:108 +msgid "simple_deny_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:111 +msgid "" +"Comma separated list of groups that are explicitly denied access. This " +"applies only to groups within this SSSD domain. Local groups are not " +"evaluated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 +msgid "" +"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> manual page for details on the configuration of an SSSD " +"domain. <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:120 +msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" +"Please note that it is an configuration error if both, simple_allow_users " +"and simple_deny_users, are defined." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:133 +msgid "" +"The following example assumes that SSSD is correctly configured and example." +"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " +"This examples shows only the simple access provider-specific options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-simple.5.xml:140 +#, no-wrap +msgid "" +" [domain/example.com]\n" +" access_provider = simple\n" +" simple_allow_users = user1, user2\n" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 +msgid "sssd-ipa" +msgstr "sssd-ipa" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:23 +msgid "" +"This manual page describes the configuration of the IPA provider for " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " +"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:36 +msgid "" +"The IPA provider is a back end used to connect to an IPA server. (Refer to " +"the freeipa.org web site for information about IPA servers.) This provider " +"requires that the machine be joined to the IPA domain; configuration is " +"almost entirely self-discovered and obtained directly from the server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:43 +msgid "" +"The IPA provider accepts the same options used by the <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" +"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " +"provider with some exceptions described below." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:55 +msgid "" +"However, it is neither necessary nor recommended to set these options. IPA " +"provider can also be used as an access and chpass provider. As an access " +"provider it uses HBAC (host-based access control) rules. Please refer to " +"freeipa.org for more information about HBAC. No configuration of access " +"provider is required on the client side." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:78 +msgid "ipa_domain (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:81 +msgid "" +"Specifies the name of the IPA domain. This is optional. If not provided, " +"the configuration domain name is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:89 +msgid "ipa_server, ipa_backup_server (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:92 +msgid "" +"The comma-separated list of IP addresses or hostnames of the IPA servers to " +"which SSSD should connect in the order of preference. For more information " +"on failover and server redundancy, see the <quote>FAILOVER</quote> section. " +"This is optional if autodiscovery is enabled. For more information on " +"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:105 +msgid "ipa_hostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:108 +msgid "" +"Optional. May be set on machines where the hostname(5) does not reflect the " +"fully qualified name used in the IPA domain to identify this host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:116 +msgid "ipa_dyndns_update (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:119 +msgid "" +"Optional. This option tells SSSD to automatically update the DNS server " +"built into FreeIPA v2 with the IP address of this client." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:124 +msgid "" +"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " +"the default Kerberos realm must be set properly in /etc/krb5.conf" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:135 +msgid "ipa_dyndns_iface (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:138 +msgid "" +"Optional. Applicable only when ipa_dyndns_update is true. Choose the " +"interface whose IP address should be used for dynamic DNS updates." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:143 +msgid "Default: Use the IP address of the IPA LDAP connection" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:149 +msgid "ipa_hbac_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:152 +msgid "Optional. Use the given string as search base for HBAC related objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:156 +msgid "Default: Use base DN" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:162 +msgid "ipa_host_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:165 +msgid "Optional. Use the given string as search base for host objects." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 +msgid "" +"See <quote>ldap_search_base</quote> for information about configuring " +"multiple search bases." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:174 +msgid "" +"If filter is given in any of search bases and " +"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " +"will be ignored." +msgstr "" + +#. type: Content of: <listitem><para> +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 +#: include/ldap_search_bases_experimental.xml:23 +msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:186 +msgid "ipa_selinux_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:189 +msgid "Optional. Use the given string as search base for SELinux user maps." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:205 +msgid "ipa_subdomains_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:208 +msgid "Optional. Use the given string as search base for trusted domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:217 +msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:224 +msgid "ipa_master_domain_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:227 +msgid "Optional. Use the given string as search base for master domain object." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:236 +msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 +msgid "krb5_validate (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:246 +msgid "" +"Verify with the help of krb5_keytab that the TGT obtained has not been " +"spoofed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:253 +msgid "" +"Note that this default differs from the traditional Kerberos provider back " +"end." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:263 +msgid "" +"The name of the Kerberos realm. This is optional and defaults to the value " +"of <quote>ipa_domain</quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:267 +msgid "" +"The name of the Kerberos realm has a special meaning in IPA - it is " +"converted into the base DN to use for performing LDAP operations." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:278 +msgid "" +"Specifies if the host and user principal should be canonicalized when " +"connecting to IPA LDAP and also for AS requests. This feature is available " +"with MIT Kerberos >= 1.7" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:291 +msgid "ipa_hbac_refresh (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:294 +msgid "" +"The amount of time between lookups of the HBAC rules against the IPA server. " +"This will reduce the latency and load on the IPA server if there are many " +"access-control requests made in a short period." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:301 +msgid "Default: 5 (seconds)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:306 +msgid "ipa_hbac_treat_deny_as (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:309 +msgid "" +"This option specifies how to treat the deprecated DENY-type HBAC rules. As " +"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " +"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The " +"client will support two modes of operation during this transition period:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:318 +msgid "" +"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " +"users will be denied access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:323 +msgid "" +"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " +"careful with this option, as it may result in opening unintended access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:328 +msgid "Default: DENY_ALL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:333 +msgid "ipa_hbac_support_srchost (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:336 +msgid "" +"If this is set to false, then srchost as given to SSSD by PAM will be " +"ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:340 +msgid "" +"Note that if set to <emphasis>False</emphasis>, this option casuses filters " +"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:351 +msgid "ipa_automount_location (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:354 +msgid "The automounter location this IPA client will be using" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:357 +msgid "Default: The location named \"default\"" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:364 +msgid "ipa_netgroup_member_of (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:367 +msgid "The LDAP attribute that lists netgroup's memberships." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:376 +msgid "ipa_netgroup_member_user (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:379 +msgid "" +"The LDAP attribute that lists system users and groups that are direct " +"members of the netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 +msgid "Default: memberUser" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:389 +msgid "ipa_netgroup_member_host (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:392 +msgid "" +"The LDAP attribute that lists hosts and host groups that are direct members " +"of the netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 +msgid "Default: memberHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:401 +msgid "ipa_netgroup_member_ext_host (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:404 +msgid "" +"The LDAP attribute that lists FQDNs of hosts and host groups that are " +"members of the netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:408 +msgid "Default: externalHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:413 +msgid "ipa_netgroup_domain (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:416 +msgid "The LDAP attribute that contains NIS domain name of the netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:420 +msgid "Default: nisDomainName" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:426 +msgid "ipa_host_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 +msgid "The object class of a host entry in LDAP." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 +msgid "Default: ipaHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:437 +msgid "ipa_host_fqdn (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:440 +msgid "The LDAP attribute that contains FQDN of the host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:443 +msgid "Default: fqdn" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:449 +msgid "ipa_selinux_usermap_object_class (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:460 +msgid "ipa_selinux_usermap_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:463 +msgid "The LDAP attribute that contains the name of SELinux usermap." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:472 +msgid "ipa_selinux_usermap_member_user (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:475 +msgid "" +"The LDAP attribute that contains all users / groups this rule match against." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:484 +msgid "ipa_selinux_usermap_member_host (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:487 +msgid "" +"The LDAP attribute that contains all hosts / hostgroups this rule match " +"against." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:496 +msgid "ipa_selinux_usermap_see_also (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:499 +msgid "" +"The LDAP attribute that contains DN of HBAC rule which can be used for " +"matching instead of memberUser and memberHost" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:504 +msgid "Default: seeAlso" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:509 +msgid "ipa_selinux_usermap_selinux_user (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:512 +msgid "The LDAP attribute that contains SELinux user string itself." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:516 +msgid "Default: ipaSELinuxUser" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:521 +msgid "ipa_selinux_usermap_enabled (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:524 +msgid "" +"The LDAP attribute that contains whether or not is user map enabled for " +"usage." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:528 +msgid "Default: ipaEnabledFlag" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:533 +msgid "ipa_selinux_usermap_user_category (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:536 +msgid "The LDAP attribute that contains user category such as 'all'." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:540 +msgid "Default: userCategory" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:545 +msgid "ipa_selinux_usermap_host_category (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:548 +msgid "The LDAP attribute that contains host category such as 'all'." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:552 +msgid "Default: hostCategory" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:557 +msgid "ipa_selinux_usermap_uuid (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:560 +msgid "The LDAP attribute that contains unique ID of the user map." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:564 +msgid "Default: ipaUniqueID" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:569 +msgid "ipa_host_ssh_public_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:572 +msgid "The LDAP attribute that contains the host's SSH public keys." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:576 +msgid "Default: ipaSshPubKey" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 +msgid "" +"The following example assumes that SSSD is correctly configured and example." +"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " +"This examples shows only the ipa provider-specific options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ipa.5.xml:621 +#, no-wrap +msgid "" +" [domain/example.com]\n" +" id_provider = ipa\n" +" ipa_server = ipaserver.example.com\n" +" ipa_hostname = myhost.example.com\n" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-ad.5.xml:10 sssd-ad.5.xml:16 +msgid "sssd-ad" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:23 +msgid "" +"This manual page describes the configuration of the AD provider for " +"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " +"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE " +"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:36 +msgid "" +"The AD provider is a back end used to connect to an Active Directory server. " +"This provider requires that the machine be joined to the AD domain and a " +"keytab is available." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:41 +msgid "" +"The AD provider supports connecting to Active Directory 2008 R2 or later. " +"Earlier versions may work, but are unsupported." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:45 +msgid "" +"The AD provider accepts the same options used by the <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-" +"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication " +"provider with some exceptions described below." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:57 +msgid "" +"However, it is neither necessary nor recommended to set these options. The " +"AD provider can also be used as an access and chpass provider. No " +"configuration of the access provider is required on the client side." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ad.5.xml:69 +#, no-wrap +msgid "" +"ldap_id_mapping = False\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:63 +msgid "" +"By default, the AD provider will map UID and GID values from the objectSID " +"parameter in Active Directory. For details on this, see the <quote>ID " +"MAPPING</quote> section below. If you want to disable ID mapping and instead " +"rely on POSIX attributes defined in Active Directory, you should set " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:83 +msgid "ad_domain (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:86 +msgid "" +"Specifies the name of the Active Directory domain. This is optional. If not " +"provided, the configuration domain name is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:91 +msgid "" +"For proper operation, this option should be specified as the lower-case " +"version of the long version of the Active Directory domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:99 +msgid "ad_server, ad_backup_server (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:102 +msgid "" +"The comma-separated list of IP addresses or hostnames of the AD servers to " +"which SSSD should connect in order of preference. For more information on " +"failover and server redundancy, see the <quote>FAILOVER</quote> section. " +"This is optional if autodiscovery is enabled. For more information on " +"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:115 +msgid "ad_hostname (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:118 +msgid "" +"Optional. May be set on machines where the hostname(5) does not reflect the " +"fully qualified name used in the Active Directory domain to identify this " +"host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:124 +msgid "" +"This field is used to determine the host principal in use in the keytab. It " +"must match the hostname for which the keytab was issued." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:193 +#, no-wrap +msgid "" +"fallback_homedir = /home/%u\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:231 +msgid "" +"The following example assumes that SSSD is correctly configured and example." +"com is one of the domains in the <replaceable>[sssd]</replaceable> section. " +"This example shows only the AD provider-specific options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ad.5.xml:238 +#, no-wrap +msgid "" +"[domain/EXAMPLE]\n" +"id_provider = ad\n" +"auth_provider = ad\n" +"access_provider = ad\n" +"chpass_provider = ad\n" +"\n" +"ad_server = dc1.example.com\n" +"ad_hostname = client.example.com\n" +"ad_domain = example.com\n" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16 +msgid "sssd-sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:23 +msgid "" +"This manual page describes how to configure <citerefentry> " +"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " +"to work with <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> and how SSSD caches sudo rules." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-sudo.5.xml:36 +msgid "Configuring sudo to cooperate with SSSD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:38 +msgid "" +"To enable SSSD as a source for sudo rules, add <emphasis>sss</emphasis> to " +"the <emphasis>sudoers</emphasis> entry in <citerefentry> " +"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:47 +msgid "" +"For example, to configure sudo to first lookup rules in the standard " +"<citerefentry> <refentrytitle>sudoers</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> file (which should contain rules that apply to " +"local users) and then in SSSD, the nsswitch.conf file should contain the " +"following line:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-sudo.5.xml:57 +#, no-wrap +msgid "sudoers: files sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:61 +msgid "" +"More information about configuring the sudoers search order from the " +"nsswitch.conf file as well as information about the LDAP schema that is used " +"to store sudo rules in the directory can be found in <citerefentry> " +"<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-sudo.5.xml:72 +msgid "Configuring SSSD to fetch sudo rules" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:74 +msgid "" +"The following example shows how to configure SSSD to download sudo rules " +"from an LDAP server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-sudo.5.xml:79 +#, no-wrap +msgid "" +"[sssd]\n" +"config_file_version = 2\n" +"services = nss, pam, sudo\n" +"domains = EXAMPLE\n" +"\n" +"[domain/EXAMPLE]\n" +"id_provider = ldap\n" +"sudo_provider = ldap\n" +"ldap_uri = ldap://example.com\n" +"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:92 +msgid "" +"The following example illustrates setting up SSSD to download sudo rules " +"from an IPA server. It is necessary to use the LDAP provider and set " +"appropriate connection parameters to authenticate correctly against the IPA " +"server, because SSSD does not have native support of IPA provider for sudo " +"yet." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-sudo.5.xml:100 +#, no-wrap +msgid "" +"[sssd]\n" +"config_file_version = 2\n" +"services = nss, pam, sudo\n" +"domains = EXAMPLE\n" +"\n" +"[domain/EXAMPLE]\n" +"id_provider = ipa\n" +"ipa_domain = example.com\n" +"ipa_server = ipa.example.com\n" +"ldap_tls_cacert = /etc/ipa/ca.crt\n" +"\n" +"sudo_provider = ldap\n" +"ldap_uri = ldap://ipa.example.com\n" +"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n" +"ldap_sasl_mech = GSSAPI\n" +"ldap_sasl_authid = host/hostname.example.com\n" +"ldap_sasl_realm = EXAMPLE.COM\n" +"krb5_server = ipa.example.com\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-sudo.5.xml:123 +msgid "The SUDO rule caching mechanism" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:125 +msgid "" +"The biggest challenge, when developing sudo support in SSSD, was to ensure " +"that running sudo with SSSD as the data source provides the same user " +"experience and is as fast as sudo but keeps providing the most current set " +"of rules as possible. To satisfy these requirements, SSSD uses three kinds " +"of updates. They are referred to as full refresh, smart refresh and rules " +"refresh." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:133 +msgid "" +"The <emphasis>smart refresh</emphasis> periodically downloads rules that are " +"new or were modified after the last update. Its primary goal is to keep the " +"database growing by fetching only small increments that do not generate " +"large amounts of network traffic." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:139 +msgid "" +"The <emphasis>full refresh</emphasis> simply deletes all sudo rules stored " +"in the cache and replaces them with all rules that are stored on the server. " +"This is used to keep the cache consistent by removing every rule which was " +"deleted from the server. However, full refresh may produce a lot of traffic " +"and thus it should be run only occasionally depending on the size and " +"stability of the sudo rules." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:147 +msgid "" +"The <emphasis>rules refresh</emphasis> ensures that we do not grant the user " +"more permission than defined. It is triggered each time the user runs sudo. " +"Rules refresh will find all rules that apply to this user, check their " +"expiration time and redownload them if expired. In the case that any of " +"these rules are missing on the server, the SSSD will do an out of band full " +"refresh because more rules (that apply to other users) may have been deleted." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:156 +msgid "" +"If enabled, SSSD will store only rules that can be applied to this machine. " +"This means rules that contain one of the following values in " +"<emphasis>sudoHost</emphasis> attribute:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:163 +msgid "keyword ALL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:168 +msgid "regular expression" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:173 +msgid "netgroup (in the form \"+netgroup\")" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:178 +msgid "hostname or fully qualified domain name of this machine" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:183 +msgid "one of the IP addresses of this machine" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:188 +msgid "one of the IP addresses of the network (in the form \"address/mask\")" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:194 +msgid "" +"There are many configuration options that can be used to adjust the " +"behavior. Please refer to \"ldap_sudo_*\" in <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> and \"sudo_*\" in <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd.8.xml:10 sssd.8.xml:15 +msgid "sssd" +msgstr "sssd" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd.8.xml:16 +msgid "System Security Services Daemon" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sssd.8.xml:21 +msgid "" +"<command>sssd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.8.xml:31 +msgid "" +"<command>SSSD</command> provides a set of daemons to manage access to remote " +"directories and authentication mechanisms. It provides an NSS and PAM " +"interface toward the system and a pluggable backend system to connect to " +"multiple different account sources as well as D-Bus interface. It is also " +"the basis to provide client auditing and policy services for projects like " +"FreeIPA. It provides a more robust database to store local users as well as " +"extended user data." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:46 +msgid "" +"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:53 +msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:57 +msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:60 +msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:69 +msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:73 +msgid "" +"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:76 +msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:85 +msgid "<option>-f</option>,<option>--debug-to-files</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:89 +msgid "" +"Send the debug output to files instead of stderr. By default, the log files " +"are stored in <filename>/var/log/sssd</filename> and there are separate log " +"files for every SSSD service and domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:97 +msgid "<option>-D</option>,<option>--daemon</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:101 +msgid "Become a daemon after starting up." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:107 sss_seed.8.xml:136 +msgid "<option>-i</option>,<option>--interactive</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:111 +msgid "Run in the foreground, don't become a daemon." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:117 sss_debuglevel.8.xml:42 +msgid "<option>-c</option>,<option>--config</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:121 sss_debuglevel.8.xml:46 +msgid "" +"Specify a non-default config file. The default is <filename>/etc/sssd/sssd." +"conf</filename>. For reference on the config file syntax and options, " +"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:135 +msgid "<option>--version</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:139 +msgid "Print version number and exit." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.8.xml:147 +msgid "Signals" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:150 +msgid "SIGTERM/SIGINT" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:153 +msgid "" +"Informs the SSSD to gracefully terminate all of its child processes and then " +"shut down the monitor." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:159 +msgid "SIGHUP" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:162 +msgid "" +"Tells the SSSD to stop writing to its current debug file descriptors and to " +"close and reopen them. This is meant to facilitate log rolling with programs " +"like logrotate." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:170 +msgid "SIGUSR1" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:173 +msgid "" +"Tells the SSSD to simulate offline operation for one minute. This is mostly " +"useful for testing purposes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:179 +msgid "SIGUSR2" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:182 +msgid "" +"Tells the SSSD to go online immediately. This is mostly useful for testing " +"purposes." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 +msgid "sss_obfuscate" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_obfuscate.8.xml:16 +msgid "obfuscate a clear text password" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_obfuscate.8.xml:21 +msgid "" +"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</" +"replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:32 +msgid "" +"<command>sss_obfuscate</command> converts a given password into human-" +"unreadable format and places it into appropriate domain section of the SSSD " +"config file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:37 +msgid "" +"The cleartext password is read from standard input or entered " +"interactively. The obfuscated password is put into " +"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the " +"<quote>ldap_default_authtok_type</quote> parameter is set to " +"<quote>obfuscated_password</quote>. Refer to <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry> for more details on these parameters." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_obfuscate.8.xml:49 +msgid "" +"Please note that obfuscating the password provides <emphasis>no real " +"security benefit</emphasis> as it is still possible for an attacker to " +"reverse-engineer the password back. Using better authentication mechanisms " +"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> " +"advised." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:63 +msgid "<option>-s</option>,<option>--stdin</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:67 +msgid "The password to obfuscate will be read from standard input." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:79 +#: sss_ssh_knownhostsproxy.1.xml:78 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:79 +msgid "" +"The SSSD domain to use the password in. The default name is <quote>default</" +"quote>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_obfuscate.8.xml:86 +msgid "" +"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:91 +msgid "Read the config file specified by the positional parameter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_obfuscate.8.xml:95 +msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 +msgid "sss_useradd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_useradd.8.xml:16 +msgid "create a new user" +msgstr "create a new user" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_useradd.8.xml:21 +msgid "" +"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_useradd.8.xml:32 +msgid "" +"<command>sss_useradd</command> creates a new user account using the values " +"specified on the command line plus the default values from the system." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:43 sss_seed.8.xml:76 +msgid "" +"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:48 +msgid "" +"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " +"not given, it is chosen automatically." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 sss_seed.8.xml:100 +msgid "" +"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 sss_seed.8.xml:105 +msgid "" +"Any text string describing the user. Often used as the field for the user's " +"full name." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 sss_seed.8.xml:112 +msgid "" +"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:72 +msgid "" +"The home directory of the user account. The default is to append the " +"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " +"that as the home directory. The base that is prepended before " +"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/" +"baseDirectory</quote> setting in sssd.conf." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 sss_seed.8.xml:124 +msgid "" +"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:87 +msgid "" +"The user's login shell. The default is currently <filename>/bin/bash</" +"filename>. The default can be changed with <quote>user_defaults/" +"defaultShell</quote> setting in sssd.conf." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:96 +msgid "" +"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:101 +msgid "A list of existing groups this user is also a member of." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:107 +msgid "<option>-m</option>,<option>--create-home</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:111 +msgid "" +"Create the user's home directory if it does not exist. The files and " +"directories contained in the skeleton directory (which can be defined with " +"the -k option or in the config file) will be copied to the home directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:121 +msgid "<option>-M</option>,<option>--no-create-home</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:125 +msgid "" +"Do not create the user's home directory. Overrides configuration settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:132 +msgid "" +"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:137 +msgid "" +"The skeleton directory, which contains files and directories to be copied in " +"the user's home directory, when the home directory is created by " +"<command>sss_useradd</command>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:143 +msgid "" +"This option is only valid if the <option>-m</option> (or <option>--create-" +"home</option>) option is specified, or creation of home directories is set " +"to TRUE in the configuration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 +msgid "" +"<option>-Z</option>,<option>--selinux-user</option> " +"<replaceable>SELINUX_USER</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:157 +msgid "" +"The SELinux user for the user's login. If not specified, the system default " +"will be used." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 +msgid "sssd-krb5" +msgstr "sssd-krb5" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:23 +msgid "" +"This manual page describes the configuration of the Kerberos 5 " +"authentication backend for <citerefentry> <refentrytitle>sssd</" +"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed " +"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of " +"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> manual page." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:36 +msgid "" +"The Kerberos 5 authentication backend contains auth and chpass providers. It " +"must be paired with an identity provider in order to function properly (for " +"example, id_provider = ldap). Some information required by the Kerberos 5 " +"authentication backend must be provided by the identity provider, such as " +"the user's Kerberos Principal Name (UPN). The configuration of the identity " +"provider should have an entry to specify the UPN. Please refer to the man " +"page for the applicable identity provider for details on how to configure " +"this." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:47 +msgid "" +"This backend also provides access control based on the .k5login file in the " +"home directory of the user. See <citerefentry> <refentrytitle>.k5login</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. " +"Please note that an empty .k5login file will deny all access to this user. " +"To activate this feature, use 'access_provider = krb5' in your SSSD " +"configuration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:55 +msgid "" +"In the case where the UPN is not available in the identity backend, " +"<command>sssd</command> will construct a UPN using the format " +"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:77 +msgid "" +"Specifies the comma-separated list of IP addresses or hostnames of the " +"Kerberos servers to which SSSD should connect, in the order of preference. " +"For more information on failover and server redundancy, see the " +"<quote>FAILOVER</quote> section. An optional port number (preceded by a " +"colon) may be appended to the addresses or hostnames. If empty, service " +"discovery is enabled; for more information, refer to the <quote>SERVICE " +"DISCOVERY</quote> section." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:106 +msgid "" +"The name of the Kerberos realm. This option is required and must be " +"specified." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:113 +msgid "krb5_kpasswd, krb5_backup_kpasswd (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:116 +msgid "" +"If the change password service is not running on the KDC, alternative " +"servers can be defined here. An optional port number (preceded by a colon) " +"may be appended to the addresses or hostnames." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:122 +msgid "" +"For more information on failover and server redundancy, see the " +"<quote>FAILOVER</quote> section. NOTE: Even if there are no more kpasswd " +"servers to try, the backend is not switched to operate offline if " +"authentication against the KDC is still possible." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:129 +msgid "Default: Use the KDC" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:135 +msgid "krb5_ccachedir (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:138 +msgid "" +"Directory to store credential caches. All the substitution sequences of " +"krb5_ccname_template can be used here, too, except %d and %P. If the " +"directory does not exist, it will be created. If %u, %U, %p or %h are used, " +"a private directory belonging to the user is created. Otherwise, a public " +"directory with restricted deletion flag (aka sticky bit, as described in " +"<citerefentry> <refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> " +"</citerefentry> for details) is created." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:152 +msgid "Default: /tmp" +msgstr "Noklusējuma: / tmp" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:158 +msgid "krb5_ccname_template (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:174 +msgid "login UID" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:177 +msgid "%p" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:178 +msgid "principal name" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:182 +msgid "%r" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:183 +msgid "realm name" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:186 +msgid "%h" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:187 +msgid "home directory" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:192 +msgid "value of krb5ccache_dir" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:197 +msgid "%P" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:198 +msgid "the process ID of the SSSD client" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:161 +msgid "" +"Location of the user's credential cache. Two credential cache types are " +"currently supported: <quote>FILE</quote> and <quote>DIR</quote>. The cache " +"can be specified either as <replaceable>TYPE:RESIDUAL</replaceable>, or as " +"an absolute path, which implies the <quote>FILE</quote> type. In the " +"template, the following sequences are substituted: <placeholder type=" +"\"variablelist\" id=\"0\"/> If the template ends with 'XXXXXX' mkstemp(3) is " +"used to create a unique filename in a safe way." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:212 +msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:218 +msgid "krb5_auth_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:221 +msgid "" +"Timeout in seconds after an online authentication request or change password " +"request is aborted. If possible, the authentication request is continued " +"offline." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:235 +msgid "" +"Verify with the help of krb5_keytab that the TGT obtained has not been " +"spoofed. The keytab is checked for entries sequentially, and the first entry " +"with a matching realm is used for validation. If no entry matches the realm, " +"the last entry in the keytab is used. This process can be used to validate " +"environments using cross-realm trust by placing the appropriate keytab entry " +"as the last entry or the only entry in the keytab file." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:250 +msgid "krb5_keytab (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:253 +msgid "" +"The location of the keytab to use when validating credentials obtained from " +"KDCs." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:257 +msgid "Default: /etc/krb5.keytab" +msgstr "Noklusējuma: /etc/krb5.keytab" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:263 +msgid "krb5_store_password_if_offline (boolean)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:266 +msgid "" +"Store the password of the user if the provider is offline and use it to " +"request a TGT when the provider comes online again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:271 +msgid "" +"NOTE: this feature is only available on Linux. Passwords stored in this way " +"are kept in plaintext in the kernel keyring and are potentially accessible " +"by the root user (with difficulty)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:284 +msgid "krb5_renewable_lifetime (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:287 +msgid "" +"Request a renewable ticket with a total lifetime, given as an integer " +"immediately followed by a time unit:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:326 +#, fuzzy +#| msgid "<emphasis>s</emphasis> seconds" +msgid "<emphasis>s</emphasis> for seconds" +msgstr "<emphasis>% s</emphasis> sekundes" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:329 +#, fuzzy +#| msgid "<emphasis>m</emphasis> minutes" +msgid "<emphasis>m</emphasis> for minutes" +msgstr "<emphasis>m</emphasis> minūtes" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:298 sssd-krb5.5.xml:332 +#, fuzzy +#| msgid "<emphasis>s</emphasis> seconds" +msgid "<emphasis>h</emphasis> for hours" +msgstr "<emphasis>% s</emphasis> sekundes" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:301 sssd-krb5.5.xml:335 +#, fuzzy +#| msgid "<emphasis>s</emphasis> seconds" +msgid "<emphasis>d</emphasis> for days." +msgstr "<emphasis>% s</emphasis> sekundes" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:304 +msgid "If there is no unit given, <emphasis>s</emphasis> is assumed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:308 +msgid "" +"NOTE: It is not possible to mix units. To set the renewable lifetime to one " +"and a half hours, use '90m' instead of '1h30m'." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:313 +msgid "Default: not set, i.e. the TGT is not renewable" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:319 +msgid "krb5_lifetime (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:322 +msgid "" +"Request ticket with a with a lifetime, given as an integer immediately " +"followed by a time unit:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:338 +msgid "If there is no unit given <emphasis>s</emphasis> is assumed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:342 +msgid "" +"NOTE: It is not possible to mix units. To set the lifetime to one and a " +"half hours please use '90m' instead of '1h30m'." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:347 +msgid "" +"Default: not set, i.e. the default ticket lifetime configured on the KDC." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:354 +msgid "krb5_renew_interval (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:357 +msgid "" +"The time in seconds between two checks if the TGT should be renewed. TGTs " +"are renewed if about half of their lifetime is exceeded." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:362 +msgid "If this option is not set or is 0 the automatic renewal is disabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:372 +msgid "krb5_use_fast (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:375 +msgid "" +"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-" +"authentication. The following options are supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:380 +msgid "" +"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this " +"option at all." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:384 +msgid "" +"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, " +"continue the authentication without it." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:389 +msgid "" +"<emphasis>demand</emphasis> to use FAST. The authentication fails if the " +"server does not require fast." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:394 +msgid "Default: not set, i.e. FAST is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:397 +msgid "NOTE: a keytab is required to use FAST." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:400 +msgid "" +"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If " +"SSSD is used with an older version of MIT Kerberos, using this option is a " +"configuration error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:409 +msgid "krb5_fast_principal (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:412 +msgid "Specifies the server principal to use for FAST." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:421 +msgid "" +"Specifies if the host and user principal should be canonicalized. This " +"feature is available with MIT Kerberos 1.7 and later versions." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:65 +msgid "" +"If the auth-module krb5 is used in an SSSD domain, the following options " +"must be used. See the <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page, section " +"<quote>DOMAIN SECTIONS</quote>, for details on the configuration of an SSSD " +"domain. <placeholder type=\"variablelist\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:443 +msgid "" +"The following example assumes that SSSD is correctly configured and FOO is " +"one of the domains in the <replaceable>[sssd]</replaceable> section. This " +"example shows only configuration of Kerberos authentication; it does not " +"include any identity provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-krb5.5.xml:451 +#, no-wrap +msgid "" +" [domain/FOO]\n" +" auth_provider = krb5\n" +" krb5_server = 192.168.1.1\n" +" krb5_realm = EXAMPLE.COM\n" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 +msgid "sss_groupadd" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupadd.8.xml:16 +msgid "create a new group" +msgstr "izveidot jaunu grupu" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupadd.8.xml:21 +msgid "" +"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupadd.8.xml:32 +msgid "" +"<command>sss_groupadd</command> creates a new group. These groups are " +"compatible with POSIX groups, with the additional feature that they can " +"contain other groups as members." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupadd.8.xml:43 sss_seed.8.xml:88 +msgid "" +"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupadd.8.xml:48 +msgid "" +"Set the GID of the group to the value of <replaceable>GID</replaceable>. If " +"not given, it is chosen automatically." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_userdel.8.xml:10 sss_userdel.8.xml:15 +msgid "sss_userdel" +msgstr "sss_userdel" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_userdel.8.xml:16 +msgid "delete a user account" +msgstr "dzēst lietotāja kontu" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_userdel.8.xml:21 +msgid "" +"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_userdel.8.xml:32 +msgid "" +"<command>sss_userdel</command> deletes a user identified by login name " +"<replaceable>LOGIN</replaceable> from the system." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:44 +msgid "<option>-r</option>,<option>--remove</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:48 +msgid "" +"Files in the user's home directory will be removed along with the home " +"directory itself and the user's mail spool. Overrides the configuration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:56 +msgid "<option>-R</option>,<option>--no-remove</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:60 +msgid "" +"Files in the user's home directory will NOT be removed along with the home " +"directory itself and the user's mail spool. Overrides the configuration." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:68 +msgid "<option>-f</option>,<option>--force</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:72 +msgid "" +"This option forces <command>sss_userdel</command> to remove the user's home " +"directory and mail spool, even if they are not owned by the specified user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_userdel.8.xml:80 +msgid "<option>-k</option>,<option>--kick</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_userdel.8.xml:84 +msgid "Before actually deleting the user, terminate all his processes." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 +msgid "sss_groupdel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupdel.8.xml:16 +msgid "delete a group" +msgstr "dzēst grupu" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupdel.8.xml:21 +msgid "" +"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupdel.8.xml:32 +msgid "" +"<command>sss_groupdel</command> deletes a group identified by its name " +"<replaceable>GROUP</replaceable> from the system." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 +msgid "sss_groupshow" +msgstr "sss_groupshow" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_groupshow.8.xml:16 +msgid "print properties of a group" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_groupshow.8.xml:21 +msgid "" +"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_groupshow.8.xml:32 +msgid "" +"<command>sss_groupshow</command> displays information about a group " +"identified by its name <replaceable>GROUP</replaceable>. The information " +"includes the group ID number, members of the group and the parent group." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_groupshow.8.xml:43 +msgid "<option>-R</option>,<option>--recursive</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_groupshow.8.xml:47 +msgid "" +"Also print indirect group members in a tree-like hierarchy. Note that this " +"also affects printing parent groups - without <option>R</option>, only the " +"direct parent will be printed." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_usermod.8.xml:10 sss_usermod.8.xml:15 +msgid "sss_usermod" +msgstr "sss_usermod" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_usermod.8.xml:16 +msgid "modify a user account" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_usermod.8.xml:21 +msgid "" +"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_usermod.8.xml:32 +msgid "" +"<command>sss_usermod</command> modifies the account specified by " +"<replaceable>LOGIN</replaceable> to reflect the changes that are specified " +"on the command line." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:60 +msgid "The home directory of the user account." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:71 +msgid "The user's login shell." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:82 +msgid "" +"Append this user to groups specified by the <replaceable>GROUPS</" +"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is " +"a comma separated list of group names." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:96 +msgid "" +"Remove this user from groups specified by the <replaceable>GROUPS</" +"replaceable> parameter." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_usermod.8.xml:103 +msgid "<option>-l</option>,<option>--lock</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:107 +msgid "Lock the user account. The user won't be able to log in." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_usermod.8.xml:114 +msgid "<option>-u</option>,<option>--unlock</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:118 +msgid "Unlock the user account." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_usermod.8.xml:129 +msgid "The SELinux user for the user's login." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_cache.8.xml:10 sss_cache.8.xml:15 +msgid "sss_cache" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_cache.8.xml:16 +msgid "perform cache cleanup" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_cache.8.xml:21 +msgid "" +"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_cache.8.xml:31 +msgid "" +"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated " +"records are forced to be reloaded from server as soon as related SSSD " +"backend is online." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:42 +msgid "" +"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:47 +msgid "Invalidate specific user." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:53 +msgid "<option>-U</option>,<option>--users</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:57 +msgid "" +"Invalidate all user records. This option overrides invalidation of specific " +"user if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:64 +msgid "" +"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:69 +msgid "Invalidate specific group." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:75 +msgid "<option>-G</option>,<option>--groups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:79 +msgid "" +"Invalidate all group records. This option overrides invalidation of specific " +"group if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:86 +msgid "" +"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:91 +msgid "Invalidate specific netgroup." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:97 +msgid "<option>-N</option>,<option>--netgroups</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:101 +msgid "" +"Invalidate all netgroup records. This option overrides invalidation of " +"specific netgroup if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:108 +msgid "" +"<option>-s</option>,<option>--service</option> <replaceable>service</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:113 +msgid "Invalidate specific service." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:119 +msgid "<option>-S</option>,<option>--services</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:123 +msgid "" +"Invalidate all service records. This option overrides invalidation of " +"specific service if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:130 +msgid "" +"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:135 +msgid "Invalidate specific autofs maps." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:141 +msgid "<option>-A</option>,<option>--autofs-maps</option>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:145 +msgid "" +"Invalidate all autofs maps. This option overrides invalidation of specific " +"map if it was also set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_cache.8.xml:152 +msgid "" +"<option>-d</option>,<option>--domain</option> <replaceable>domain</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_cache.8.xml:157 +msgid "Restrict invalidation process only to a particular domain." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15 +msgid "sss_debuglevel" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_debuglevel.8.xml:16 +msgid "change debug level while SSSD is running" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_debuglevel.8.xml:21 +msgid "" +"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</" +"replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_debuglevel.8.xml:32 +msgid "" +"<command>sss_debuglevel</command> changes debug level of SSSD monitor and " +"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is " +"running." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_debuglevel.8.xml:59 +msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_seed.8.xml:10 sss_seed.8.xml:15 +msgid "sss_seed" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_seed.8.xml:16 +msgid "seed the SSSD cache with a user" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_seed.8.xml:21 +msgid "" +"<command>sss_seed</command> <arg choice='opt'> <replaceable>options</" +"replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</" +"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></" +"arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_seed.8.xml:33 +msgid "" +"<command>sss_seed</command> seeds the SSSD cache with a user entry and " +"temporary password. If a user entry is already present in the SSSD cache " +"then the entry is updated with the temporary password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_seed.8.xml:46 +msgid "" +"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:51 +msgid "" +"Provide the name of the domain in which the user is a member of. The domain " +"is also used to retrieve user information. The domain must be configured in " +"sssd.conf. The <replaceable>DOMAIN</replaceable> option must be provided. " +"Information retrieved from the domain overrides what is provided in the " +"options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_seed.8.xml:63 +msgid "" +"<option>-n</option>,<option>--username</option> <replaceable>USER</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:68 +msgid "" +"The username of the entry to be created or modified in the cache. The " +"<replaceable>USER</replaceable> option must be provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:81 +msgid "Set the UID of the user to <replaceable>UID</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:93 +msgid "Set the GID of the user to <replaceable>GID</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:117 +msgid "" +"Set the home directory of the user to <replaceable>HOME_DIR</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:129 +msgid "Set the login shell of the user to <replaceable>SHELL</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:140 +msgid "" +"Interactive mode for entering user information. This option will only prompt " +"for information not provided in the options or retrieved from the domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_seed.8.xml:148 +msgid "" +"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</" +"replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:153 +msgid "" +"Specify file to read user's password from. (if not specified password is " +"prompted for)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_seed.8.xml:165 +msgid "" +"The length of the password (or the size of file specified with -p or --" +"password-file option) must be less than or equal to PASS_MAX bytes (64 bytes " +"on systems with no globally-defined PASS_MAX value)." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 +msgid "sss_ssh_authorizedkeys" +msgstr "" + +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11 +msgid "1" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_authorizedkeys.1.xml:16 +msgid "get OpenSSH authorized keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_authorizedkeys.1.xml:21 +msgid "" +"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>USER</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:32 +msgid "" +"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user " +"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys " +"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> for more information)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:41 +msgid "" +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</" +"command> for public key user authentication if it is compiled with support " +"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</" +"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> " +"<manvolnum>5</manvolnum></citerefentry> options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:58 +#, no-wrap +msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:51 +msgid "" +"If <quote>AuthorizedKeysCommand</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by putting the following directive " +"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</" +"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_authorizedkeys.1.xml:69 +#, no-wrap +msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_authorizedkeys.1.xml:62 +msgid "" +"If <quote>PubkeyAgent</quote> is supported, " +"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></" +"citerefentry> can be configured to use it by using the following directive " +"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting" +"\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_authorizedkeys.1.xml:84 +msgid "" +"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15 +msgid "sss_ssh_knownhostsproxy" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_ssh_knownhostsproxy.1.xml:16 +msgid "get OpenSSH host keys" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_ssh_knownhostsproxy.1.xml:21 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>HOST</replaceable></arg> <arg " +"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:33 +msgid "" +"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for " +"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH " +"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section " +"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</" +"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/" +"pubconf/known_hosts</filename> and estabilishes connection to the host." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:43 +msgid "" +"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to " +"create the connection to the host instead of opening a socket." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sss_ssh_knownhostsproxy.1.xml:55 +#, no-wrap +msgid "" +"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n" +"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_ssh_knownhostsproxy.1.xml:48 +msgid "" +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</" +"command> for host key authentication by using the following directives for " +"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></" +"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_ssh_knownhostsproxy.1.xml:66 +msgid "" +"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:71 +msgid "" +"Use port <replaceable>PORT</replaceable> to connect to the host. By " +"default, port 22 is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_ssh_knownhostsproxy.1.xml:83 +msgid "" +"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>." +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/service_discovery.xml:2 +msgid "SERVICE DISCOVERY" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/service_discovery.xml:4 +msgid "" +"The service discovery feature allows back ends to automatically find the " +"appropriate servers to connect to using a special DNS query. This feature is " +"not supported for backup servers." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:9 include/ldap_id_mapping.xml:57 +msgid "Configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:11 +msgid "" +"If no servers are specified, the back end automatically uses service " +"discovery to try to find a server. Optionally, the user may choose to use " +"both fixed server addresses and service discovery by inserting a special " +"keyword, <quote>_srv_</quote>, in the list of servers. The order of " +"preference is maintained. This feature is useful if, for example, the user " +"prefers to use service discovery whenever possible, and fall back to a " +"specific server when no servers can be discovered using DNS." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:23 +msgid "The domain name" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:25 +msgid "" +"Please refer to the <quote>dns_discovery_domain</quote> parameter in the " +"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</" +"manvolnum> </citerefentry> manual page for more details." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:35 +msgid "The protocol" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:37 +msgid "" +"The queries usually specify _tcp as the protocol. Exceptions are documented " +"in respective option description." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:42 +msgid "See Also" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:44 +msgid "" +"For more information on the service discovery mechanism, refer to RFC 2782." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/upstream.xml:1 +msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/failover.xml:2 +msgid "FAILOVER" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/failover.xml:4 +msgid "" +"The failover feature allows back ends to automatically switch to a different " +"server if the current server fails." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/failover.xml:8 +msgid "Failover Syntax" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:10 +msgid "" +"The list of servers is given as a comma-separated list; any number of spaces " +"is allowed around the comma. The servers are listed in order of preference. " +"The list can contain any number of servers." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:16 +msgid "" +"For each failover-enabled config option, two variants exist: " +"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is " +"that servers in the primary list are preferred and backup servers are only " +"searched if no primary servers can be reached. If a backup server is " +"selected, a timeout of 30 seconds is set. After this timeout SSSD will " +"periodically try to reconnect to one of the primary servers. If it succeeds, " +"it will replace the current active (backup) server." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/failover.xml:27 +msgid "The Failover Mechanism" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:29 +msgid "" +"The failover mechanism distinguishes between a machine and a service. The " +"back end first tries to resolve the hostname of a given machine; if this " +"resolution attempt fails, the machine is considered offline. No further " +"attempts are made to connect to this machine for any other service. If the " +"resolution attempt succeeds, the back end tries to connect to a service on " +"this machine. If the service connection attempt fails, then only this " +"particular service is considered offline and the back end automatically " +"switches over to the next service. The machine is still considered online " +"and might still be tried for another service." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:42 +msgid "" +"Further connection attempts are made to machines or services marked as " +"offline after a specified period of time; this is currently hard coded to 30 " +"seconds." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:47 +msgid "" +"If there are no more machines to try, the back end as a whole switches to " +"offline mode, and then attempts to reconnect every 30 seconds." +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/ldap_id_mapping.xml:2 +msgid "ID MAPPING" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/ldap_id_mapping.xml:4 +msgid "" +"The ID-mapping feature allows SSSD to act as a client of Active Directory " +"without requiring administrators to extend user attributes to support POSIX " +"attributes for user and group identifiers." +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/ldap_id_mapping.xml:9 +msgid "" +"NOTE: When ID-mapping is enabled, the uidNumber and gidNumber attributes are " +"ignored. This is to avoid the possibility of conflicts between automatically-" +"assigned and manually-assigned values. If you need to use manually-assigned " +"values, ALL values must be manually-assigned." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/ldap_id_mapping.xml:17 +msgid "Mapping Algorithm" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/ldap_id_mapping.xml:19 +msgid "" +"Active Directory provides an objectSID for every user and group object in " +"the directory. This objectSID can be broken up into components that " +"represent the Active Directory domain identity and the relative identifier " +"(RID) of the user or group object." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/ldap_id_mapping.xml:25 +msgid "" +"The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " +"into equally-sized component sections - called \"slices\"-. Each slice " +"represents the space available to an Active Directory domain." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/ldap_id_mapping.xml:31 +msgid "" +"When a user or group entry for a particular domain is encountered for the " +"first time, the SSSD allocates one of the available slices for that domain. " +"In order to make this slice-assignment repeatable on different client " +"machines, we select the slice based on the following algorithm:" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/ldap_id_mapping.xml:38 +msgid "" +"The SID string is passed through the murmurhash3 algorithm to convert it to " +"a 32-bit hashed value. We then take the modulus of this value with the total " +"number of available slices to pick the slice." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/ldap_id_mapping.xml:44 +msgid "" +"NOTE: It is possible to encounter collisions in the hash and subsequent " +"modulus. In these situations, we will select the next available slice, but " +"it may not be possible to reproduce the same exact set of slices on other " +"machines (since the order that they are encountered will determine their " +"slice). In this situation, it is recommended to either switch to using " +"explicit POSIX attributes in Active Directory (disabling ID-mapping) or " +"configure a default domain to guarantee that at least one is always " +"consistent. See <quote>Configuration</quote> for details." +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/ldap_id_mapping.xml:59 +msgid "" +"Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para><programlisting> +#: include/ldap_id_mapping.xml:64 +#, no-wrap +msgid "" +"ldap_id_mapping = True\n" +"ldap_schema = ad\n" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/ldap_id_mapping.xml:69 +msgid "" +"The default configuration results in configuring 10,000 slices, each capable " +"of holding up to 200,000 IDs, starting from 10,001 and going up to " +"2,000,100,000. This should be sufficient for most deployments." +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><title> +#: include/ldap_id_mapping.xml:75 +msgid "Advanced Configuration" +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> +#: include/ldap_id_mapping.xml:78 +msgid "ldap_idmap_range_min (integer)" +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:81 +msgid "" +"Specifies the lower bound of the range of POSIX IDs to use for mapping " +"Active Directory user and group SIDs." +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:85 +msgid "" +"NOTE: This option is different from <quote>min_id</quote> in that " +"<quote>min_id</quote> acts to filter the output of requests to this domain, " +"whereas this option controls the range of ID assignment. This is a subtle " +"distinction, but the good general advice would be to have <quote>min_id</" +"quote> be less-than or equal to <quote>ldap_idmap_range_min</quote>" +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:95 include/ldap_id_mapping.xml:131 +msgid "Default: 200000" +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> +#: include/ldap_id_mapping.xml:100 +msgid "ldap_idmap_range_max (integer)" +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:103 +msgid "" +"Specifies the upper bound of the range of POSIX IDs to use for mapping " +"Active Directory user and group SIDs." +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:107 +msgid "" +"NOTE: This option is different from <quote>max_id</quote> in that " +"<quote>max_id</quote> acts to filter the output of requests to this domain, " +"whereas this option controls the range of ID assignment. This is a subtle " +"distinction, but the good general advice would be to have <quote>max_id</" +"quote> be greater-than or equal to <quote>ldap_idmap_range_max</quote>" +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:117 +msgid "Default: 2000200000" +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> +#: include/ldap_id_mapping.xml:122 +msgid "ldap_idmap_range_size (integer)" +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:125 +msgid "" +"Specifies the number of IDs available for each slice. If the range size " +"does not divide evenly into the min and max values, it will create as many " +"complete slices as it can." +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> +#: include/ldap_id_mapping.xml:136 +msgid "ldap_idmap_default_domain_sid (string)" +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:139 +msgid "" +"Specify the domain SID of the default domain. This will guarantee that this " +"domain will always be assigned to slice zero in the ID map, bypassing the " +"murmurhash algorithm described above." +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> +#: include/ldap_id_mapping.xml:150 +msgid "ldap_idmap_default_domain (string)" +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:153 +msgid "Specify the name of the default domain." +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term> +#: include/ldap_id_mapping.xml:161 +msgid "ldap_idmap_autorid_compat (boolean)" +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:164 +msgid "" +"Changes the behavior of the ID-mapping algorithm to behave more similarly to " +"winbind's <quote>idmap_autorid</quote> algorithm." +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:169 +msgid "" +"When this option is configured, domains will be allocated starting with " +"slice zero and increasing monatomically with each additional domain." +msgstr "" + +#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> +#: include/ldap_id_mapping.xml:174 +msgid "" +"NOTE: This algorithm is non-deterministic (it depends on the order that " +"users and groups are requested). If this mode is required for compatibility " +"with machines running winbind, it is recommended to also use the " +"<quote>ldap_idmap_default_domain_sid</quote> option to guarantee that at " +"least one domain is consistently allocated to slice zero." +msgstr "" + +#. type: Content of: <varlistentry><term> +#: include/param_help.xml:3 +msgid "<option>-?</option>,<option>--help</option>" +msgstr "" + +#. type: Content of: <varlistentry><listitem><para> +#: include/param_help.xml:7 include/param_help_py.xml:7 +msgid "Display help message and exit." +msgstr "" + +#. type: Content of: <varlistentry><term> +#: include/param_help_py.xml:3 +msgid "<option>-h</option>,<option>--help</option>" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:3 +msgid "" +"Bit mask that indicates which debug levels will be visible. 0x0010 is the " +"default value as well as the lowest allowed value, 0xFFF0 is the most " +"verbose mode. This setting overrides the settings from config file." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:8 +msgid "Currently supported debug levels:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:11 +msgid "" +"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent " +"SSSD from starting up or causes it to cease running." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:15 +msgid "" +"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill " +"the SSSD, but one that indicates that at least one major feature is not " +"going to work properly." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:20 +msgid "" +"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a " +"particular request or operation has failed." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:24 +msgid "" +"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would " +"percolate down to cause the operation failure of 2." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:28 +msgid "<emphasis>0x0100</emphasis>: Configuration settings." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:31 +msgid "<emphasis>0x0200</emphasis>: Function data." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:34 +msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:37 +msgid "" +"<emphasis>0x1000</emphasis>: Trace messages for internal control functions." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:40 +msgid "" +"<emphasis>0x2000</emphasis>: Contents of function-internal variables that " +"may be interesting." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:43 +msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:46 +msgid "" +"To log required debug levels, simply add their numbers together as shown in " +"following examples:" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:49 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, critical failures, " +"serious failures and function data use 0x0270." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:53 +msgid "" +"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, " +"function data, trace messages for internal control functions use 0x1310." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/debug_levels.xml:57 +msgid "" +"<emphasis>Note</emphasis>: This is new format of debug levels introduced in " +"1.7.0. Older format (numbers from 0-10) is compatible but deprecated." +msgstr "" + +#. type: Content of: outside any tag (error?) +#: include/experimental.xml:1 +msgid "" +"<emphasis> This is an experimental feature, please use http://fedorahosted." +"org/sssd to report any issues. </emphasis>" +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/local.xml:2 +msgid "THE LOCAL DOMAIN" +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/local.xml:4 +msgid "" +"In order to function correctly, a domain with <quote>id_provider=local</" +"quote> must be created and the SSSD must be running." +msgstr "" + +#. type: Content of: <refsect1><para> +#: include/local.xml:9 +msgid "" +"The administrator might want to use the SSSD local users instead of " +"traditional UNIX users in cases where the group nesting (see <citerefentry> " +"<refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</manvolnum> </" +"citerefentry>) is needed. The local users are also useful for testing and " +"development of the SSSD without having to deploy a full remote server. The " +"<command>sss_user*</command> and <command>sss_group*</command> tools use a " +"local LDB storage to store users and groups." +msgstr "" + +#. type: Content of: <refsect1><title> +#: include/seealso.xml:2 +msgid "SEE ALSO" +msgstr "SKATĪT ARĪ" + +#. type: Content of: <refsect1><para> +#: include/seealso.xml:4 +msgid "" +"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</" +"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </" +"citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> " +"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </" +"citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </" +"citerefentry>, <citerefentry> <refentrytitle>sss_seed</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</" +"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</" +"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</" +"refentrytitle><manvolnum>8</manvolnum> </citerefentry>." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/ldap_search_bases.xml:3 +#: include/ldap_search_bases_experimental.xml:3 +msgid "" +"An optional base DN, search scope and LDAP filter to restrict LDAP searches " +"for this attribute type." +msgstr "" + +#. type: Content of: <listitem><para><programlisting> +#: include/ldap_search_bases.xml:9 +#: include/ldap_search_bases_experimental.xml:9 +#, no-wrap +msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/ldap_search_bases.xml:7 +#: include/ldap_search_bases_experimental.xml:7 +msgid "syntax: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/ldap_search_bases.xml:13 +#: include/ldap_search_bases_experimental.xml:13 +msgid "" +"The scope can be one of \"base\", \"onelevel\" or \"subtree\". The filter " +"must be a valid LDAP search filter as specified by http://www.ietf.org/rfc/" +"rfc2254.txt" +msgstr "" + +#. type: Content of: <listitem><para> +#: include/ldap_search_bases.xml:19 +#: include/ldap_search_bases_experimental.xml:19 +msgid "" +"For examples of this syntax, please refer to the <quote>ldap_search_base</" +"quote> examples section." +msgstr "" + +#. type: Content of: <listitem><para> +#: include/ldap_search_bases.xml:27 +#: include/ldap_search_bases_experimental.xml:27 +msgid "" +"Please note that specifying scope or filter is not supported for searches " +"against an Active Directory Server that might yield a large number of " +"results and trigger the Range Retrieval extension in the response." +msgstr "" + +#. type: Content of: <para> +#: include/autofs_restart.xml:2 +msgid "" +"Please note that the automounter only reads the master map on startup, so if " +"any autofs-related changes are made to the sssd.conf, you typically also " +"need to restart the automounter daemon after restarting the SSSD." +msgstr "" diff --git a/src/man/po/nl.po b/src/man/po/nl.po index 8b2530001..c22ca4582 100644 --- a/src/man/po/nl.po +++ b/src/man/po/nl.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" "PO-Revision-Date: 2012-10-05 17:53+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Dutch (http://www.transifex.com/projects/p/fedora/language/" @@ -230,7 +230,7 @@ msgid "The [sssd] section" msgstr "De [sssd] sectie" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "Sectie parameters" @@ -270,12 +270,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -284,7 +284,7 @@ msgstr "" "Data Aanbieder crashed of opnieuw start voordat dit opgegeven wordt" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "Standaard: 3" @@ -307,7 +307,7 @@ msgstr "" "lijst van domeinen in de volgorde die SSSD ze moet aflopen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "re_expression (tekst)" @@ -327,7 +327,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "full_name_format (tekst)" @@ -424,32 +424,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -459,15 +438,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -485,12 +464,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "SERVICES SECTIE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -499,80 +478,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "Algemene service configuratie-opties" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "Deze opties kunnen gebruikt worden om services te configureren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "debug_level (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "Voeg een tijdstempel toe aan de debugberichten" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "Standaard: true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -582,23 +561,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -682,7 +682,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "" @@ -924,100 +924,101 @@ msgstr "" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1025,59 +1026,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1085,7 +1086,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1094,17 +1095,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1112,115 +1113,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "Standaard: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1232,7 +1233,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1243,24 +1244,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1268,12 +1269,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1282,24 +1283,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1308,39 +1309,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1350,14 +1351,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1366,122 +1367,122 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1490,17 +1491,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1509,33 +1510,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1543,8 +1544,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1553,8 +1554,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1562,19 +1563,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1583,19 +1584,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1603,7 +1604,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1611,30 +1612,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1642,19 +1643,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1663,24 +1664,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1688,7 +1689,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1696,35 +1697,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1732,22 +1733,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1755,7 +1757,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1763,31 +1765,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1795,28 +1797,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1824,7 +1821,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1832,24 +1829,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1857,19 +1854,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1878,29 +1875,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -1911,7 +1908,7 @@ msgstr "" "het domein alles daarna\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -1919,7 +1916,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -1928,7 +1925,7 @@ msgstr "" "(?P<name>) om subpatronen aan te geven." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -1936,59 +1933,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Standaard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1996,56 +1993,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2054,30 +2051,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2085,29 +2082,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2115,19 +2112,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2135,73 +2132,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2209,17 +2206,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2228,17 +2225,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2246,17 +2243,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2264,18 +2261,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2305,7 +2302,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2346,7 +2343,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "" @@ -3078,8 +3075,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "" @@ -3094,7 +3091,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "" @@ -3282,7 +3279,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" @@ -3542,7 +3539,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "" @@ -3815,53 +3812,75 @@ msgstr "" #: sssd-ldap.5.xml:1418 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +#, fuzzy +#| msgid "full_name_format (string)" +msgid "ldap_sasl_realm (string)" +msgstr "full_name_format (tekst)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3869,27 +3888,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -3901,7 +3920,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -3909,7 +3928,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -3917,53 +3936,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -3971,32 +3990,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4005,56 +4029,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4065,12 +4089,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4079,14 +4103,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4095,24 +4119,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4120,19 +4144,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4141,7 +4165,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4149,7 +4173,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4158,89 +4182,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4257,213 +4281,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4471,106 +4495,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4579,76 +4603,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4657,46 +4681,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4704,43 +4728,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4748,7 +4772,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4756,7 +4780,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4770,19 +4794,19 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5085,7 +5109,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5096,12 +5120,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5109,7 +5141,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5161,25 +5193,33 @@ msgid "" "provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5189,87 +5229,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5277,86 +5317,86 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -5364,12 +5404,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -5377,17 +5417,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -5396,313 +5436,345 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5710,7 +5782,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5848,7 +5920,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5856,7 +5928,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" diff --git a/src/man/po/po4a.cfg b/src/man/po/po4a.cfg index b6834d4fe..b25d614a9 100644 --- a/src/man/po/po4a.cfg +++ b/src/man/po/po4a.cfg @@ -1,4 +1,4 @@ -[po4a_langs] br ca cs eu es fr ja nl pt ru tg uk +[po4a_langs] br ca cs eu es fr ja lv nl pt ru tg uk [po4a_paths] po/sssd-docs.pot $lang:po/$lang.po [type:docbook] sss_groupmod.8.xml $lang:$(builddir)/$lang/sss_groupmod.8.xml [type:docbook] sssd.conf.5.xml $lang:$(builddir)/$lang/sssd.conf.5.xml diff --git a/src/man/po/pt.po b/src/man/po/pt.po index 22049f586..4a12d6384 100644 --- a/src/man/po/pt.po +++ b/src/man/po/pt.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" "PO-Revision-Date: 2012-10-05 17:53+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Portuguese <trans-pt@lists.fedoraproject.org>\n" @@ -224,7 +224,7 @@ msgid "The [sssd] section" msgstr "A seção [SSSD]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "Parâmetros de secção" @@ -265,12 +265,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -279,7 +279,7 @@ msgstr "" "falha do provedor de dados ou reiniciar antes de eles desistirem" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "Padrão: 3" @@ -302,7 +302,7 @@ msgstr "" "domínios na ordem desejada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "re_expression (string)" @@ -322,7 +322,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "full_name_format (string)" @@ -405,32 +405,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "Padrão: 60" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -440,15 +419,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -466,12 +445,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -480,80 +459,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "Padrão: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "Padrão: 10" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -563,23 +542,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "Padrão: 60" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -659,7 +659,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "" @@ -901,100 +901,101 @@ msgstr "" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "Padrão: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1002,59 +1003,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "Padrão: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1062,7 +1063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1071,17 +1072,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1089,115 +1090,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1209,7 +1210,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1220,24 +1221,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1245,12 +1246,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1259,24 +1260,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "SECÇÕES DE DOMÍNIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1285,39 +1286,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Padrão: 1 para min_id, 0 (sem limite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "Padrão: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1327,14 +1328,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1343,122 +1344,122 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "Padrão: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1467,17 +1468,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "Padrão: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1486,33 +1487,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "id_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1520,8 +1521,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1530,8 +1531,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1539,19 +1540,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1560,19 +1561,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "auth_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1580,7 +1581,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1588,30 +1589,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "access_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1619,19 +1620,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1640,24 +1641,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1665,7 +1666,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1673,35 +1674,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1709,22 +1710,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1732,7 +1734,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1740,31 +1742,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1772,28 +1774,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "Padrão: none" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1801,7 +1798,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1809,24 +1806,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1834,19 +1831,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1855,29 +1852,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -1885,7 +1882,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -1893,14 +1890,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -1908,59 +1905,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Default: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "Default: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1968,56 +1965,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "override_gid (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "case_sensitive (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2026,30 +2023,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2057,29 +2054,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2087,19 +2084,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "A secção de domínio local" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2107,73 +2104,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "default_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "Padrão: <filename>bash/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "base_directory (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "Padrão: <filename>/ home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "create_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "remove_homedir (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "homedir_umask (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2181,17 +2178,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "Padrão: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "skel_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2200,17 +2197,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "Padrão: <filename>skel/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "mail_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2218,17 +2215,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "Padrão: <filename>mail/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "userdel_cmd (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2236,18 +2233,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "Padrão: None, nenhum comando é executado" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "EXEMPLO" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2301,7 +2298,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2342,7 +2339,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "OPÇÕES DE CONFIGURAÇÃO" @@ -3078,8 +3075,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "Padrão: NC" @@ -3094,7 +3091,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "" @@ -3282,7 +3279,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" @@ -3542,7 +3539,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "" @@ -3817,54 +3814,76 @@ msgstr "ldap_sasl_authid (string)" #: sssd-ldap.5.xml:1418 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_realm (string)" +msgstr "ldap_sasl_mech (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "Padrão: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Padrão: Sistema keytab, normalmente <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3872,27 +3891,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "Padrão: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -3904,7 +3923,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -3912,7 +3931,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -3920,53 +3939,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -3974,32 +3993,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "Padrão: none" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4008,56 +4032,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4068,12 +4092,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4082,14 +4106,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4098,24 +4122,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4123,19 +4147,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4144,7 +4168,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4152,7 +4176,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4161,89 +4185,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "Padrão: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "ldap_deref (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4260,213 +4284,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4474,106 +4498,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4582,76 +4606,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4660,46 +4684,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "OPÇÕES AVANÇADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "ldap_user_search_filter (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4707,43 +4731,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "ldap_group_search_filter (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4751,7 +4775,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4759,7 +4783,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4781,19 +4805,19 @@ msgstr "" " enumerate = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5102,7 +5126,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5113,12 +5137,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5126,7 +5158,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5178,25 +5210,33 @@ msgid "" "provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "ipa_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5206,87 +5246,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "ipa_hostname (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "ipa_dyndns_update (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "ipa_dyndns_iface (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "Default: Use base DN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5294,86 +5334,86 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "krb5_validate (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -5381,12 +5421,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -5394,17 +5434,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -5413,313 +5453,345 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "Padrão: DENY_ALL" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "Padrão: memberUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "ipa_netgroup_member_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "Padrão: memberHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "ipa_netgroup_member_ext_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "Padrão: externalHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "ipa_netgroup_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "Padrão: nisDomainName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "ipa_host_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "Padrão: ipaHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "ipa_host_fqdn (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "Padrão: fqdn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5727,7 +5799,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5869,7 +5941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5877,7 +5949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" diff --git a/src/man/po/ru.po b/src/man/po/ru.po index bac69f407..6c877952c 100644 --- a/src/man/po/ru.po +++ b/src/man/po/ru.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" "PO-Revision-Date: 2012-10-05 17:53+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Russian <trans-ru@lists.fedoraproject.org>\n" @@ -201,7 +201,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "" @@ -238,19 +238,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "попыток_соединения (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "По умолчанию: 3" @@ -269,7 +269,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "" @@ -289,7 +289,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "" @@ -372,32 +372,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -407,15 +386,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -433,12 +412,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -447,80 +426,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "По умолчанию: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "По умолчанию: 10" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -530,23 +509,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -626,7 +626,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "По умолчанию: 15" @@ -868,100 +868,101 @@ msgstr "" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "По умолчанию: 0 (неограничено)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -969,59 +970,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "По умолчанию: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "В настоящее время sssd поддерживает следующие значения:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "По умолчанию: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1029,7 +1030,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1038,17 +1039,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1056,115 +1057,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1176,7 +1177,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1187,24 +1188,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1212,12 +1213,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1226,24 +1227,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1252,39 +1253,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "По умолчанию: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1294,14 +1295,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1310,122 +1311,122 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1434,17 +1435,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1453,33 +1454,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1487,8 +1488,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1497,8 +1498,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1506,19 +1507,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1527,19 +1528,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1547,7 +1548,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1555,30 +1556,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1586,19 +1587,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1607,24 +1608,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1632,7 +1633,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1640,35 +1641,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1676,22 +1677,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1699,7 +1701,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1707,31 +1709,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1739,28 +1741,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1768,7 +1765,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1776,24 +1773,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1801,19 +1798,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1822,29 +1819,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -1852,7 +1849,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -1860,14 +1857,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -1875,59 +1872,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "По умолчанию: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "Поддерживаемые значения:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1935,56 +1932,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "По умолчанию: использовать доменное имя из hostname" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -1993,30 +1990,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2024,29 +2021,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2054,19 +2051,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2074,73 +2071,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "По умолчанию: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "По умолчанию: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2148,17 +2145,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "По умолчанию: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2167,17 +2164,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "По умолчанию: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2185,17 +2182,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "По умолчанию: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2203,18 +2200,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "ПРИМЕР" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2244,7 +2241,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2285,7 +2282,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "ПАРАМЕТРЫ КОНФИГУРАЦИИ" @@ -3017,8 +3014,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "" @@ -3033,7 +3030,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "" @@ -3221,7 +3218,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" @@ -3481,7 +3478,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "" @@ -3754,53 +3751,73 @@ msgstr "" #: sssd-ldap.5.xml:1418 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +msgid "ldap_sasl_realm (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3808,27 +3825,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -3840,7 +3857,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -3848,7 +3865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -3856,53 +3873,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -3910,32 +3927,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -3944,56 +3966,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4004,12 +4026,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4018,14 +4040,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4034,24 +4056,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4059,19 +4081,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4080,7 +4102,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4088,7 +4110,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4097,89 +4119,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4196,213 +4218,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4410,106 +4432,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4518,76 +4540,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4596,46 +4618,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4643,43 +4665,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4687,7 +4709,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4695,7 +4717,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4709,19 +4731,19 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5024,7 +5046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5035,12 +5057,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5048,7 +5078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5100,25 +5130,33 @@ msgid "" "provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5128,87 +5166,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5216,86 +5254,86 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -5303,12 +5341,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -5316,17 +5354,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -5335,313 +5373,345 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5649,7 +5719,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5787,7 +5857,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5795,7 +5865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index bd911376c..d208d311d 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.9.2\n" +"Project-Id-Version: sssd-docs 1.9.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" +"POT-Creation-Date: 2012-12-06 00:31+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -177,7 +177,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "" @@ -213,19 +213,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "" @@ -244,7 +244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "" @@ -264,7 +264,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "" @@ -347,31 +347,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the " -"<quote>timeout</quote> option), it is first sent the SIGTERM signal that " -"instructs it to quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -381,14 +361,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 include/ldap_id_mapping.xml:156 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 include/ldap_id_mapping.xml:156 msgid "Default: not set" msgstr "" @@ -404,12 +384,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -418,74 +398,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 sssd-ipa.5.xml:285 msgid "Default: true" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -495,23 +475,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the " +"<quote>timeout</quote> option), it is first sent the SIGTERM signal that " +"instructs it to quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -592,7 +592,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "" @@ -832,100 +832,101 @@ msgstr "" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during " -"lookup. This option supersedes any other shell options if it takes effect." +"lookup. This option supersedes any other shell options if it takes effect " +"and can be set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -933,59 +934,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during " "authentication. The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -993,7 +994,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a " @@ -1003,17 +1004,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1021,7 +1022,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be " @@ -1029,108 +1030,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting " "<emphasis>pwd_expiration_warning</emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1142,7 +1143,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1153,24 +1154,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1178,12 +1179,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1192,24 +1193,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For " @@ -1218,39 +1219,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1260,14 +1261,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1276,121 +1277,121 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1399,17 +1400,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1418,34 +1419,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1453,7 +1454,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1462,7 +1463,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -1470,19 +1471,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified " "names. For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1491,19 +1492,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1511,7 +1512,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -1519,29 +1520,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1549,19 +1550,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " @@ -1570,24 +1571,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -1596,7 +1597,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -1604,34 +1605,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1639,22 +1640,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1662,7 +1663,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1671,31 +1672,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1704,27 +1705,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1732,7 +1728,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> " @@ -1740,24 +1736,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1766,19 +1762,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: " "<quote>(((?P<domain>[^\\\\]+)\\\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?P<name>[^@\\\\]+)$))</quote> " @@ -1786,29 +1782,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -1816,7 +1812,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -1824,14 +1820,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " "(?P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> " "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " @@ -1840,59 +1836,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1900,56 +1896,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -1958,29 +1954,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called " @@ -1989,29 +1985,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2019,19 +2015,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2039,73 +2035,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2113,17 +2109,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2132,17 +2128,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2150,17 +2146,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2168,17 +2164,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2208,7 +2204,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2250,7 +2246,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 sssd-krb5.5.xml:63 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "" @@ -2981,7 +2977,7 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "" @@ -2996,7 +2992,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "" @@ -3183,7 +3179,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" @@ -3440,7 +3436,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "" @@ -3713,53 +3709,74 @@ msgstr "" #: sssd-ldap.5.xml:1418 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example " +"host/myhost@EXAMPLE.COM) or just the principal name (for example " +"host/myhost)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +msgid "ldap_sasl_realm (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3767,27 +3784,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of " @@ -3799,7 +3816,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -3807,7 +3824,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of " "SSSD. While the legacy name is recognized for the time being, users are " @@ -3816,53 +3833,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client " "side. The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use " "<citerefentry><refentrytitle>shadow</refentrytitle> " @@ -3871,32 +3888,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -3905,56 +3927,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -3965,12 +3987,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -3979,14 +4001,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -3995,24 +4017,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4020,19 +4042,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4041,7 +4063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " "<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " @@ -4049,7 +4071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4058,89 +4080,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4157,213 +4179,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval " "</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4371,105 +4393,105 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is " "<emphasis>false</emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4478,76 +4500,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder " "type=\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" " @@ -4556,46 +4578,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = " @@ -4604,43 +4626,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4648,7 +4670,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4656,7 +4678,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4670,17 +4692,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -4986,7 +5008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " @@ -4997,12 +5019,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -5011,7 +5041,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5065,25 +5095,33 @@ msgid "" "provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5093,87 +5131,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5181,85 +5219,85 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 include/ldap_search_bases_experimental.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -5267,12 +5305,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -5280,17 +5318,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -5299,312 +5337,344 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "The LDAP attribute that contains all users / groups this rule match against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of " +"sssd.conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -5612,7 +5682,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5752,7 +5822,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -5760,7 +5830,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" diff --git a/src/man/po/tg.po b/src/man/po/tg.po index 0e1a88519..d2fbf2654 100644 --- a/src/man/po/tg.po +++ b/src/man/po/tg.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" "PO-Revision-Date: 2012-10-05 17:53+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Tajik (http://www.transifex.com/projects/p/fedora/language/" @@ -200,7 +200,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "" @@ -237,19 +237,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "Пешфарз: 3" @@ -268,7 +268,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "" @@ -288,7 +288,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "" @@ -371,32 +371,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -406,15 +385,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -432,12 +411,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -446,80 +425,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "Пешфарз: true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "Пешфарз: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "Пешфарз: 10" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -529,23 +508,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " "limited in order to avoid resource exhaustion on the system." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -625,7 +625,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "Пешфарз: 15" @@ -867,100 +867,101 @@ msgstr "" #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "Пешфарз: 0 (Номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -968,59 +969,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "Пешфарз: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "Пешфарз: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1028,7 +1029,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1037,17 +1038,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1055,115 +1056,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "Пешфарз: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " "before asking the back end again." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1175,7 +1176,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1186,24 +1187,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1211,12 +1212,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1225,24 +1226,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1251,39 +1252,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "Пешфарз: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1293,14 +1294,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1309,122 +1310,122 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "Пешфарз: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1433,17 +1434,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "Пешфарз: 0 (номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1452,33 +1453,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1486,8 +1487,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1496,8 +1497,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1505,19 +1506,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1526,19 +1527,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1546,7 +1547,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1554,30 +1555,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1585,19 +1586,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1606,24 +1607,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1631,7 +1632,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1639,35 +1640,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1675,22 +1676,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -1698,7 +1700,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1706,31 +1708,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1738,28 +1740,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1767,7 +1764,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1775,24 +1772,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -1800,19 +1797,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -1821,29 +1818,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -1851,7 +1848,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -1859,14 +1856,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -1874,59 +1871,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1934,56 +1931,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -1992,30 +1989,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2023,29 +2020,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2053,19 +2050,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2073,73 +2070,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "Пешфарз: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2147,17 +2144,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2166,17 +2163,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2184,17 +2181,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2202,18 +2199,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "НАМУНА" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2243,7 +2240,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2284,7 +2281,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "" @@ -3016,8 +3013,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "" @@ -3032,7 +3029,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "" @@ -3220,7 +3217,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" @@ -3480,7 +3477,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "" @@ -3753,53 +3750,73 @@ msgstr "" #: sssd-ldap.5.xml:1418 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +msgid "ldap_sasl_realm (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "Пешфарз: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3807,27 +3824,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -3839,7 +3856,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -3847,7 +3864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -3855,53 +3872,53 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -3909,32 +3926,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -3943,56 +3965,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4003,12 +4025,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "Намуна:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4017,14 +4039,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4033,24 +4055,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4058,19 +4080,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4079,7 +4101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4087,7 +4109,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4096,89 +4118,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4195,213 +4217,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4409,106 +4431,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4517,76 +4539,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4595,46 +4617,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4642,43 +4664,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4686,7 +4708,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4694,7 +4716,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4708,19 +4730,19 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЭЗОҲҲО" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5023,7 +5045,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5034,12 +5056,20 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5047,7 +5077,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5099,25 +5129,33 @@ msgid "" "provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -5127,87 +5165,87 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -5215,86 +5253,86 @@ msgid "" msgstr "" #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -5302,12 +5340,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -5315,17 +5353,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -5334,313 +5372,345 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5648,7 +5718,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -5786,7 +5856,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -5794,7 +5864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" diff --git a/src/man/po/uk.po b/src/man/po/uk.po index ceea45160..3d9ef6315 100644 --- a/src/man/po/uk.po +++ b/src/man/po/uk.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-10-12 21:14+0300\n" +"POT-Creation-Date: 2012-12-06 00:30+0100\n" "PO-Revision-Date: 2012-10-05 18:53+0000\n" "Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n" "Language-Team: Ukrainian <trans-uk@lists.fedoraproject.org>\n" @@ -234,7 +234,7 @@ msgid "The [sssd] section" msgstr "Розділ [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1717 msgid "Section parameters" msgstr "Параметри розділу" @@ -279,12 +279,12 @@ msgstr "" "\">, pac</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:98 sssd.conf.5.xml:306 +#: sssd.conf.5.xml:98 sssd.conf.5.xml:290 msgid "reconnection_retries (integer)" msgstr "reconnection_retries (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:101 sssd.conf.5.xml:309 +#: sssd.conf.5.xml:101 sssd.conf.5.xml:293 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" @@ -294,7 +294,7 @@ msgstr "" "визнання подальших спроб безнадійними." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:106 sssd.conf.5.xml:314 +#: sssd.conf.5.xml:106 sssd.conf.5.xml:298 msgid "Default: 3" msgstr "Типове значення: 3" @@ -318,7 +318,7 @@ msgstr "" "до них запитів щодо даних." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1497 msgid "re_expression (string)" msgstr "re_expression (рядок)" @@ -344,7 +344,7 @@ msgstr "" "ДОМЕНІВ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523 +#: sssd.conf.5.xml:141 sssd.conf.5.xml:1544 msgid "full_name_format (string)" msgstr "full_name_format (рядок)" @@ -450,38 +450,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:206 -msgid "force_timeout (integer)" -msgstr "force_timeout (ціле число)" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:209 -msgid "" -"If a service is not responding to ping checks (see the <quote>timeout</" -"quote> option), it is first sent the SIGTERM signal that instructs it to " -"quit gracefully. If the service does not terminate after " -"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " -"by sending a SIGKILL signal." -msgstr "" -"Якщо служба не відповідає на перевірки луна-імпульсом (пінгом) (див. " -"параметр <quote>timeout</quote>), система спочатку надсилає сигнал SIGTERM, " -"яким наказує службі завершити роботу у штатному режимі. Якщо служба не " -"завершить роботу протягом часу, визначено параметром <quote>force_timeout</" -"quote> у секундах, монітор примусово завершить роботу служби надсиланням " -"сигналу SIGKILL." - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 -#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099 -msgid "Default: 60" -msgstr "Типове значення: 60" - -#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:222 msgid "default_domain_suffix (string)" msgstr "default_domain_suffix (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:225 +#: sssd.conf.5.xml:209 #, fuzzy #| msgid "" #| "This string will be used as a default domain name for all names without a " @@ -504,7 +477,7 @@ msgstr "" "за допомогою лише імені користувача без додавання до нього назви домену." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:219 #, fuzzy #| msgid "" #| "Please note that if this option is set all users from the local domain " @@ -518,8 +491,8 @@ msgstr "" "користувач@назва.домену, для входу до системи." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 -#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 +#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 +#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2251 #: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -542,12 +515,12 @@ msgstr "" "профілів. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:252 +#: sssd.conf.5.xml:236 msgid "SERVICES SECTIONS" msgstr "РОЗДІЛИ СЛУЖБ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:238 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -560,64 +533,64 @@ msgstr "" "у розділі <quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:261 +#: sssd.conf.5.xml:245 msgid "General service configuration options" msgstr "Загальні параметри налаштування служб" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:263 +#: sssd.conf.5.xml:247 msgid "These options can be used to configure any service." msgstr "Цими параметрами можна скористатися для налаштування будь-яких служб." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 +#: sssd.conf.5.xml:251 msgid "debug_level (integer)" msgstr "debug_level (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:271 +#: sssd.conf.5.xml:255 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:274 +#: sssd.conf.5.xml:258 msgid "Add a timestamp to the debug messages" msgstr "Додати часову позначку до діагностичних повідомлень." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 -#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 -#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 -#: sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:834 +#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2012 +#: sssd-ldap.5.xml:2077 sssd-ldap.5.xml:2095 sssd-ipa.5.xml:250 +#: sssd-ipa.5.xml:285 msgid "Default: true" msgstr "Типове значення: true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:282 +#: sssd.conf.5.xml:266 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:285 +#: sssd.conf.5.xml:269 msgid "Add microseconds to the timestamp in debug messages" msgstr "" "Додати значення мікросекунд до часової позначки у діагностичних повідомленнях" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 +#: sssd.conf.5.xml:272 sssd.conf.5.xml:788 sssd.conf.5.xml:1651 #: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 -#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 +#: sssd-ldap.5.xml:1551 sssd-ipa.5.xml:129 sssd-ipa.5.xml:345 #: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427 msgid "Default: false" msgstr "Типове значення: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:293 +#: sssd.conf.5.xml:277 msgid "timeout (integer)" msgstr "timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:296 +#: sssd.conf.5.xml:280 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests." @@ -626,17 +599,17 @@ msgstr "" "перевірки працездатності процесу та його змоги відповідати на запити." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248 +#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248 msgid "Default: 10" msgstr "Типове значення: 10" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:319 +#: sssd.conf.5.xml:303 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:322 +#: sssd.conf.5.xml:306 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -652,17 +625,17 @@ msgstr "" "цього параметра і обмеженням \"hard\" у limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:331 +#: sssd.conf.5.xml:315 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Типове значення: 8192 (або обмеження у limits.conf \"hard\")" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:336 +#: sssd.conf.5.xml:320 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:339 +#: sssd.conf.5.xml:323 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -673,6 +646,33 @@ msgstr "" "його допомогою обміну даними. Таке обмеження потрібне для того, щоб уникнути " "вичерпання ресурсів системи." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:606 +#: sssd.conf.5.xml:766 sssd.conf.5.xml:990 sssd-ldap.5.xml:1099 +msgid "Default: 60" +msgstr "Типове значення: 60" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:335 sssd.conf.5.xml:979 +msgid "force_timeout (integer)" +msgstr "force_timeout (ціле число)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:338 sssd.conf.5.xml:982 +msgid "" +"If a service is not responding to ping checks (see the <quote>timeout</" +"quote> option), it is first sent the SIGTERM signal that instructs it to " +"quit gracefully. If the service does not terminate after " +"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down " +"by sending a SIGKILL signal." +msgstr "" +"Якщо служба не відповідає на перевірки луна-імпульсом (пінгом) (див. " +"параметр <quote>timeout</quote>), система спочатку надсилає сигнал SIGTERM, " +"яким наказує службі завершити роботу у штатному режимі. Якщо служба не " +"завершить роботу протягом часу, визначено параметром <quote>force_timeout</" +"quote> у секундах, монітор примусово завершить роботу служби надсиланням " +"сигналу SIGKILL." + #. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:354 msgid "NSS configuration options" @@ -772,7 +772,7 @@ msgstr "" "даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226 +#: sssd.conf.5.xml:414 sssd.conf.5.xml:812 sssd-krb5.5.xml:226 msgid "Default: 15" msgstr "Типове значення: 15" @@ -1051,9 +1051,14 @@ msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:586 sssd-ad.5.xml:206 +#, fuzzy +#| msgid "" +#| "The default shell to use if the provider does not return one during " +#| "lookup. This option supersedes any other shell options if it takes effect." msgid "" "The default shell to use if the provider does not return one during lookup. " -"This option supersedes any other shell options if it takes effect." +"This option supersedes any other shell options if it takes effect and can be " +"set either in the [nss] section or per-domain." msgstr "" "Типова командна оболонка, яку слід використовувати, якщо засобом надання " "даних не повернуто даних оболонки під час пошуку. Якщо буде використано цей " @@ -1061,7 +1066,7 @@ msgstr "" "командної оболонки." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:591 sssd-ad.5.xml:211 +#: sssd.conf.5.xml:592 sssd-ad.5.xml:212 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1071,12 +1076,12 @@ msgstr "" "зазвичай /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:598 sssd.conf.5.xml:758 +#: sssd.conf.5.xml:599 sssd.conf.5.xml:759 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:601 sssd.conf.5.xml:761 +#: sssd.conf.5.xml:602 sssd.conf.5.xml:762 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1085,12 +1090,12 @@ msgstr "" "чинним." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:610 +#: sssd.conf.5.xml:611 msgid "memcache_timeout (int)" msgstr "memcache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:613 +#: sssd.conf.5.xml:614 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" @@ -1099,17 +1104,17 @@ msgstr "" "чинним." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654 +#: sssd.conf.5.xml:618 sssd-ldap.5.xml:654 msgid "Default: 300" msgstr "Типове значення: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:624 +#: sssd.conf.5.xml:625 msgid "PAM configuration options" msgstr "Параметри налаштування PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:626 +#: sssd.conf.5.xml:627 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1118,12 +1123,12 @@ msgstr "" "Authentication Module (PAM або блокового модуля розпізнавання)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:632 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:635 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1133,17 +1138,17 @@ msgstr "" "входу до системи)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:639 sssd.conf.5.xml:652 +#: sssd.conf.5.xml:640 sssd.conf.5.xml:653 msgid "Default: 0 (No limit)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:645 +#: sssd.conf.5.xml:646 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:648 +#: sssd.conf.5.xml:649 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1152,12 +1157,12 @@ msgstr "" "дозволену кількість спроб входу з визначенням помилкового пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:658 +#: sssd.conf.5.xml:659 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:661 +#: sssd.conf.5.xml:662 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1167,7 +1172,7 @@ msgstr "" "системи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:666 +#: sssd.conf.5.xml:667 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1179,17 +1184,17 @@ msgstr "" "увімкнути можливість автономного розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:673 sssd.conf.5.xml:726 sssd.conf.5.xml:1598 msgid "Default: 5" msgstr "Типове значення: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:678 +#: sssd.conf.5.xml:679 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#: sssd.conf.5.xml:682 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1198,43 +1203,43 @@ msgstr "" "розпізнавання. Чим більшим є значення, тим більше повідомлень буде показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:686 +#: sssd.conf.5.xml:687 msgid "Currently sssd supports the following values:" msgstr "У поточній версії sssd передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:690 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: не показувати жодних повідомлень" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:693 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: показувати лише важливі повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:696 +#: sssd.conf.5.xml:697 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: показувати всі інформаційні повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:699 +#: sssd.conf.5.xml:700 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: показувати всі повідомлення та діагностичні дані" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:703 sssd.8.xml:63 +#: sssd.conf.5.xml:704 sssd.8.xml:63 msgid "Default: 1" msgstr "Типове значення: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:708 +#: sssd.conf.5.xml:709 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:711 +#: sssd.conf.5.xml:712 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1245,7 +1250,7 @@ msgstr "" "що розпізнавання виконується на основі найсвіжіших даних." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:718 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1259,18 +1264,18 @@ msgstr "" "надання даних профілів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:731 +#: sssd.conf.5.xml:732 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105 +#: sssd.conf.5.xml:735 sssd.conf.5.xml:1122 msgid "Display a warning N days before the password expires." msgstr "" "Показати попередження за вказану кількість днів перед завершенням дії пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:737 +#: sssd.conf.5.xml:738 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1281,7 +1286,7 @@ msgstr "" "попередження." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108 +#: sssd.conf.5.xml:744 sssd.conf.5.xml:1125 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -1291,7 +1296,7 @@ msgstr "" "буде автоматично показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:748 +#: sssd.conf.5.xml:749 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -1300,27 +1305,27 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> для окремого домену." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 sssd.8.xml:79 +#: sssd.conf.5.xml:754 sssd.8.xml:79 msgid "Default: 0" msgstr "Типове значення: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:773 +#: sssd.conf.5.xml:774 msgid "SUDO configuration options" msgstr "Параметри налаштування SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:775 +#: sssd.conf.5.xml:776 msgid "These options can be used to configure the sudo service." msgstr "Цими параметрами можна скористатися для налаштування служби sudo." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:779 +#: sssd.conf.5.xml:780 msgid "sudo_timed (bool)" msgstr "sudo_timed (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:782 +#: sssd.conf.5.xml:783 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -1329,22 +1334,22 @@ msgstr "" "призначені для визначення часових обмежень для записів sudoers." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:795 +#: sssd.conf.5.xml:796 msgid "AUTOFS configuration options" msgstr "Параметри налаштування AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:798 msgid "These options can be used to configure the autofs service." msgstr "Цими параметрами можна скористатися для налаштування служби autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:801 +#: sssd.conf.5.xml:802 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:804 +#: sssd.conf.5.xml:805 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1354,55 +1359,55 @@ msgstr "" "негативні результати пошуку у кеші (тобто запити щодо некоректних записів у " "базі даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:816 -msgid "ssh_known_hosts_timeout (integer)" -msgstr "ssh_known_hosts_timeout (ціле число)" - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 -msgid "" -"How many seconds to keep a host in the managed known_hosts file after its " -"host keys were requested." -msgstr "" -"Кількість секунд, протягом яких запису вузла зберігатиметься у керованому " -"файлі known_hosts після надсилання запиту щодо ключів вузла." - -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:823 -msgid "Default: 180" -msgstr "Типове значення: 180" - #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:832 +#: sssd.conf.5.xml:821 msgid "SSH configuration options" msgstr "Параметри налаштувань SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:823 msgid "These options can be used to configure the SSH service." msgstr "Цими параметрами можна скористатися для налаштування служби SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:838 +#: sssd.conf.5.xml:827 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:841 +#: sssd.conf.5.xml:830 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" "Чи слід хешувати назви та адреси вузлів у керованому файлі known_hosts." +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:839 +msgid "ssh_known_hosts_timeout (integer)" +msgstr "ssh_known_hosts_timeout (ціле число)" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:842 +msgid "" +"How many seconds to keep a host in the managed known_hosts file after its " +"host keys were requested." +msgstr "" +"Кількість секунд, протягом яких запису вузла зберігатиметься у керованому " +"файлі known_hosts після надсилання запиту щодо ключів вузла." + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:846 +msgid "Default: 180" +msgstr "Типове значення: 180" + #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:854 msgid "PAC responder configuration options" msgstr "Параметри налаштування відповідача PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:856 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1421,7 +1426,7 @@ msgstr "" "декодовано і визначено, виконуються деякі з таких дій:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:864 +#: sssd.conf.5.xml:865 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1439,7 +1444,7 @@ msgstr "" "параметра default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:872 +#: sssd.conf.5.xml:873 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." @@ -1448,18 +1453,18 @@ msgstr "" "користувача буде додано до цих груп." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:878 +#: sssd.conf.5.xml:879 msgid "These options can be used to configure the PAC responder." msgstr "" "Цими параметрами можна скористатися для налаштовування відповідача PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:882 +#: sssd.conf.5.xml:883 msgid "allowed_uids (string)" msgstr "allowed_uids (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:885 +#: sssd.conf.5.xml:886 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1470,14 +1475,14 @@ msgstr "" "іменами користувачів визначатимуться під час запуску." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:892 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Типове значення: 0 (доступ до відповідача PAC має лише адміністративний " "користувач (root))" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:895 +#: sssd.conf.5.xml:896 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1491,17 +1496,17 @@ msgstr "" "запис 0." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:909 +#: sssd.conf.5.xml:910 msgid "DOMAIN SECTIONS" msgstr "РОЗДІЛИ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:917 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:919 +#: sssd.conf.5.xml:920 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -1510,7 +1515,7 @@ msgstr "" "відповідає цим обмеженням, його буде проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:924 +#: sssd.conf.5.xml:925 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -1523,17 +1528,17 @@ msgstr "" "основної групи і належать діапазону, буде виведено у звичайному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:932 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:937 +#: sssd.conf.5.xml:938 msgid "enumerate (bool)" msgstr "enumerate (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:940 +#: sssd.conf.5.xml:941 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" @@ -1542,22 +1547,22 @@ msgstr "" "значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:944 +#: sssd.conf.5.xml:945 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = користувачі і групи нумеруються" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:947 +#: sssd.conf.5.xml:948 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = не використовувати нумерацію для цього домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184 +#: sssd.conf.5.xml:951 sssd.conf.5.xml:1099 sssd.conf.5.xml:1201 msgid "Default: FALSE" msgstr "Типове значення: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:954 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1572,7 +1577,7 @@ msgstr "" "системи виконанням нумерації." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:963 +#: sssd.conf.5.xml:964 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -1582,7 +1587,7 @@ msgstr "" "завершено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:968 +#: sssd.conf.5.xml:969 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1596,12 +1601,12 @@ msgstr "" "відповідного використаного засобу обробки ідентифікаторів (id_provider)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:979 +#: sssd.conf.5.xml:996 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:999 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -1610,17 +1615,17 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:986 +#: sssd.conf.5.xml:1003 msgid "Default: 5400" msgstr "Типове значення: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:992 +#: sssd.conf.5.xml:1009 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:995 +#: sssd.conf.5.xml:1012 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -1629,18 +1634,18 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 -#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065 +#: sssd.conf.5.xml:1016 sssd.conf.5.xml:1029 sssd.conf.5.xml:1042 +#: sssd.conf.5.xml:1055 sssd.conf.5.xml:1068 sssd.conf.5.xml:1082 msgid "Default: entry_cache_timeout" msgstr "Типове значення: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1022 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1025 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -1649,12 +1654,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1018 +#: sssd.conf.5.xml:1035 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1038 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -1663,12 +1668,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1031 +#: sssd.conf.5.xml:1048 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1051 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -1677,12 +1682,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1044 +#: sssd.conf.5.xml:1061 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1047 +#: sssd.conf.5.xml:1064 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -1691,12 +1696,12 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1057 +#: sssd.conf.5.xml:1074 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 +#: sssd.conf.5.xml:1077 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -1705,31 +1710,31 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1071 +#: sssd.conf.5.xml:1088 msgid "cache_credentials (bool)" msgstr "cache_credentials (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1074 +#: sssd.conf.5.xml:1091 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" "Визначає, чи слід також кешувати реєстраційні дані користувача у локальному " "кеші LDB" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1095 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" "Реєстраційні дані користувача зберігаються у форматі хешу SHA512, а не у " "форматі звичайного тексту" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1104 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1107 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1742,17 +1747,17 @@ msgstr "" "offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1114 msgid "Default: 0 (unlimited)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1119 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1130 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1765,17 +1770,17 @@ msgstr "" "даних розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1137 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Типове значення: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1143 msgid "id_provider (string)" msgstr "id_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1146 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -1783,17 +1788,17 @@ msgstr "" "Серед підтримуваних засобів такі:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1133 +#: sssd.conf.5.xml:1150 msgid "proxy: Support a legacy NSS provider" msgstr "proxy: підтримка застарілого модуля надання даних NSS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1136 +#: sssd.conf.5.xml:1153 msgid "<quote>local</quote>: SSSD internal provider for local users" msgstr "<quote>local</quote>: вбудований засіб SSSD для локальних користувачів" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1157 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -1804,8 +1809,8 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 -#: sssd.conf.5.xml:1314 +#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1227 sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1331 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " "provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1818,8 +1823,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1174 sssd.conf.5.xml:1236 sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1340 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1831,12 +1836,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1168 +#: sssd.conf.5.xml:1185 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1171 +#: sssd.conf.5.xml:1188 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -1846,7 +1851,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1176 +#: sssd.conf.5.xml:1193 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1859,12 +1864,12 @@ msgstr "" "не покаже користувача, а <command>getent passwd test@LOCAL</command> покаже." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1189 +#: sssd.conf.5.xml:1206 msgid "auth_provider (string)" msgstr "auth_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1192 +#: sssd.conf.5.xml:1209 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -1873,7 +1878,7 @@ msgstr "" "служб розпізнавання:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254 +#: sssd.conf.5.xml:1213 sssd.conf.5.xml:1271 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1885,7 +1890,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1203 +#: sssd.conf.5.xml:1220 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -1897,18 +1902,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1244 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1247 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> — вимкнути розпізнавання повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1233 +#: sssd.conf.5.xml:1250 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -1917,12 +1922,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1256 msgid "access_provider (string)" msgstr "access_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1242 +#: sssd.conf.5.xml:1259 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1933,7 +1938,7 @@ msgstr "" "Вбудованими програмами є:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1248 +#: sssd.conf.5.xml:1265 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -1942,12 +1947,12 @@ msgstr "" "доступу для локального домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1251 +#: sssd.conf.5.xml:1268 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> — завжди забороняти доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1278 +#: sssd.conf.5.xml:1295 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -1960,17 +1965,17 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1285 +#: sssd.conf.5.xml:1302 msgid "Default: <quote>permit</quote>" msgstr "Типове значення: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1290 +#: sssd.conf.5.xml:1307 msgid "chpass_provider (string)" msgstr "chpass_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1293 +#: sssd.conf.5.xml:1310 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -1979,7 +1984,7 @@ msgstr "" "підтримку таких систем зміни паролів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -1991,7 +1996,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1323 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2003,18 +2008,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1348 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1335 +#: sssd.conf.5.xml:1352 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1355 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -2023,19 +2028,19 @@ msgstr "" "цього параметра і якщо система здатна обробляти запити щодо паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1362 msgid "sudo_provider (string)" msgstr "sudo_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1365 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Служба SUDO, яку використано для цього домену. Серед підтримуваних служб " "SUDO:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1352 +#: sssd.conf.5.xml:1369 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2047,24 +2052,25 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1376 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> явним чином вимикає SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1379 sssd.conf.5.xml:1433 sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1490 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Типове значення: використовується значення <quote>id_provider</quote>, якщо " "його встановлено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1368 +#: sssd.conf.5.xml:1385 msgid "selinux_provider (string)" msgstr "selinux_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1371 +#: sssd.conf.5.xml:1388 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -2075,7 +2081,7 @@ msgstr "" "доступу. Передбачено підтримку таких засобів надання даних SELinux:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1377 +#: sssd.conf.5.xml:1394 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2087,14 +2093,14 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1402 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> явним чином забороняє отримання даних щодо параметрів " "SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1388 +#: sssd.conf.5.xml:1405 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -2103,14 +2109,19 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо завантаження SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1411 msgid "subdomains_provider (string)" msgstr "subdomains_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1414 +#, fuzzy +#| msgid "" +#| "The provider which should handle fetching of subdomains. This value " +#| "should be always the same as id_provider. Supported subdomain providers " +#| "are:" msgid "" -"The provider which should handle fetching of subdomains. This value should " +"The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" "Засіб надання даних, який має обробляти отримання даних піддоменів. Це " @@ -2118,7 +2129,7 @@ msgstr "" "підтримку таких засобів надання даних піддоменів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1402 +#: sssd.conf.5.xml:1420 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2130,22 +2141,17 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1410 +#: sssd.conf.5.xml:1429 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> забороняє ячним чином отримання даних піддоменів." -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564 -msgid "Default: none" -msgstr "Типове значення: none" - #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1440 msgid "autofs_provider (string)" msgstr "autofs_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1443 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -2153,7 +2159,7 @@ msgstr "" "autofs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1426 +#: sssd.conf.5.xml:1447 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2165,7 +2171,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1433 +#: sssd.conf.5.xml:1454 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -2177,17 +2183,17 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1441 +#: sssd.conf.5.xml:1462 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> вимикає autofs повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1451 +#: sssd.conf.5.xml:1472 msgid "hostid_provider (string)" msgstr "hostid_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1454 +#: sssd.conf.5.xml:1475 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -2196,7 +2202,7 @@ msgstr "" "вузла. Серед підтримуваних засобів надання hostid:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1479 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -2208,12 +2214,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1487 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> вимикає hostid повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1479 +#: sssd.conf.5.xml:1500 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." @@ -2222,7 +2228,7 @@ msgstr "" "користувача і доменом на його частини." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1484 +#: sssd.conf.5.xml:1505 msgid "" "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+$))|((?P<name>[^@]+)@(?P<domain>.+$))|(^(?" @@ -2235,22 +2241,22 @@ msgstr "" "різні стилі запису імен користувачів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1489 +#: sssd.conf.5.xml:1510 msgid "username" msgstr "користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1513 msgid "username@domain.name" msgstr "користувач@назва.домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1495 +#: sssd.conf.5.xml:1516 msgid "domain\\username" msgstr "домен\\користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1519 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -2259,7 +2265,7 @@ msgstr "" "того, щоб полегшити інтеграцію користувачів з доменів Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1503 +#: sssd.conf.5.xml:1524 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -2270,7 +2276,7 @@ msgstr "" "домену — все після цього символу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1509 +#: sssd.conf.5.xml:1530 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -2282,7 +2288,7 @@ msgstr "" "платформах з версією libpcre 7." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1516 +#: sssd.conf.5.xml:1537 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?" "P<name>) to label subpatterns." @@ -2292,7 +2298,7 @@ msgstr "" "підшаблонів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1526 +#: sssd.conf.5.xml:1547 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to translate " @@ -2303,17 +2309,17 @@ msgstr "" "кортежу (назва, домен) для цього домену у назву належного формату." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1534 +#: sssd.conf.5.xml:1555 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Типове значення: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:1561 msgid "lookup_family_order (string)" msgstr "lookup_family_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 +#: sssd.conf.5.xml:1564 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -2322,48 +2328,48 @@ msgstr "" "під час виконання пошуків у DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1547 +#: sssd.conf.5.xml:1568 msgid "Supported values:" msgstr "Передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1550 +#: sssd.conf.5.xml:1571 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі " "спробувати формат IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1553 +#: sssd.conf.5.xml:1574 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1556 +#: sssd.conf.5.xml:1577 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі " "спробувати формат IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1559 +#: sssd.conf.5.xml:1580 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1583 msgid "Default: ipv4_first" msgstr "Типове значення: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1568 +#: sssd.conf.5.xml:1589 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1571 +#: sssd.conf.5.xml:1592 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -2374,12 +2380,12 @@ msgstr "" "очікування буде перевищено, домен продовжуватиме роботу у автономному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1583 +#: sssd.conf.5.xml:1604 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1607 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -2388,28 +2394,28 @@ msgstr "" "частину запиту визначення служб DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1590 +#: sssd.conf.5.xml:1611 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Типова поведінка: використовувати назву домену з назви вузла комп’ютера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1596 +#: sssd.conf.5.xml:1617 msgid "override_gid (integer)" msgstr "override_gid (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1620 msgid "Override the primary GID value with the one specified." msgstr "Замірити значення основного GID на вказане." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1605 +#: sssd.conf.5.xml:1626 msgid "case_sensitive (boolean)" msgstr "case_sensitive (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1629 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." @@ -2418,17 +2424,17 @@ msgstr "" "версії підтримку передбачено лише для локальних надавачів даних." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1613 +#: sssd.conf.5.xml:1634 msgid "Default: True" msgstr "Типове значення: True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1619 +#: sssd.conf.5.xml:1640 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1622 +#: sssd.conf.5.xml:1643 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -2443,12 +2449,12 @@ msgstr "" "у кеші, щоб пришвидшити надання результатів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1657 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1639 +#: sssd.conf.5.xml:1660 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." @@ -2458,7 +2464,7 @@ msgstr "" "<emphasis>override_homedir</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1665 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -2466,12 +2472,12 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1648 +#: sssd.conf.5.xml:1669 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Типове значення: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:911 +#: sssd.conf.5.xml:912 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -2482,17 +2488,17 @@ msgstr "" "quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1660 +#: sssd.conf.5.xml:1681 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1684 msgid "The proxy target PAM proxies to." msgstr "Комп’ютер, для якого виконує проксі-сервер PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1687 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." @@ -2501,12 +2507,12 @@ msgstr "" "налаштуваннями pam або створити нові і тут додати назву служби." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1695 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1698 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -2517,7 +2523,7 @@ msgstr "" "наприклад _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1656 +#: sssd.conf.5.xml:1677 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" id=" "\"0\"/>" @@ -2526,12 +2532,12 @@ msgstr "" "\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1689 +#: sssd.conf.5.xml:1710 msgid "The local domain section" msgstr "Розділ локального домену" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1712 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -2542,29 +2548,29 @@ msgstr "" "використовує <replaceable>id_provider=local</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1698 +#: sssd.conf.5.xml:1719 msgid "default_shell (string)" msgstr "default_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1701 +#: sssd.conf.5.xml:1722 msgid "The default shell for users created with SSSD userspace tools." msgstr "" "Типова оболонка для записів користувачів, створених за допомогою " "інструментів простору користувачів SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1705 +#: sssd.conf.5.xml:1726 msgid "Default: <filename>/bin/bash</filename>" msgstr "Типове значення: <filename>/bin/bash</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1710 +#: sssd.conf.5.xml:1731 msgid "base_directory (string)" msgstr "base_directory (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1713 +#: sssd.conf.5.xml:1734 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." @@ -2573,17 +2579,17 @@ msgstr "" "replaceable> і використовують отриману адресу як адресу домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1718 +#: sssd.conf.5.xml:1739 msgid "Default: <filename>/home</filename>" msgstr "Типове значення: <filename>/home</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1723 +#: sssd.conf.5.xml:1744 msgid "create_homedir (bool)" msgstr "create_homedir (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1726 +#: sssd.conf.5.xml:1747 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." @@ -2592,17 +2598,17 @@ msgstr "" "Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742 +#: sssd.conf.5.xml:1751 sssd.conf.5.xml:1763 msgid "Default: TRUE" msgstr "Типове значення: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1735 +#: sssd.conf.5.xml:1756 msgid "remove_homedir (bool)" msgstr "remove_homedir (булівське значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1738 +#: sssd.conf.5.xml:1759 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." @@ -2611,12 +2617,12 @@ msgstr "" "користувачів. Може бути перевизначено з командного рядка." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1747 +#: sssd.conf.5.xml:1768 msgid "homedir_umask (integer)" msgstr "homedir_umask (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1750 +#: sssd.conf.5.xml:1771 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -2627,17 +2633,17 @@ msgstr "" "до щойно створеного домашнього каталогу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1779 msgid "Default: 077" msgstr "Типове значення: 077" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1763 +#: sssd.conf.5.xml:1784 msgid "skel_dir (string)" msgstr "skel_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1766 +#: sssd.conf.5.xml:1787 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2650,17 +2656,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1776 +#: sssd.conf.5.xml:1797 msgid "Default: <filename>/etc/skel</filename>" msgstr "Типове значення: <filename>/etc/skel</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1781 +#: sssd.conf.5.xml:1802 msgid "mail_dir (string)" msgstr "mail_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1784 +#: sssd.conf.5.xml:1805 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2671,17 +2677,17 @@ msgstr "" "каталог не вказано, буде використано типове значення." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1791 +#: sssd.conf.5.xml:1812 msgid "Default: <filename>/var/mail</filename>" msgstr "Типове значення: <filename>/var/mail</filename>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1796 +#: sssd.conf.5.xml:1817 msgid "userdel_cmd (string)" msgstr "userdel_cmd (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1799 +#: sssd.conf.5.xml:1820 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2692,18 +2698,18 @@ msgstr "" "вилучається. Код виконання, повернутий програмою не обробляється." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1805 +#: sssd.conf.5.xml:1826 msgid "Default: None, no command is run" msgstr "Типове значення: None, не виконувати жодних команд" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 -#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441 +#: sssd.conf.5.xml:1836 sssd-ldap.5.xml:2277 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:612 sssd-ad.5.xml:229 sssd-krb5.5.xml:441 msgid "EXAMPLE" msgstr "ПРИКЛАД" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1821 +#: sssd.conf.5.xml:1842 #, no-wrap msgid "" "[sssd]\n" @@ -2757,7 +2763,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1817 +#: sssd.conf.5.xml:1838 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2816,7 +2822,7 @@ msgstr "" "більше про використання LDAP, як засобу керування доступом." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 #: sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "ПАРАМЕТРИ НАЛАШТУВАННЯ" @@ -3660,8 +3666,8 @@ msgstr "Атрибут LDAP, що відповідає повному імені #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 -#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 -#: sssd-ipa.5.xml:461 +#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:2167 +#: sssd-ipa.5.xml:467 msgid "Default: cn" msgstr "Типове значення: cn" @@ -3676,7 +3682,7 @@ msgid "The LDAP attribute that lists the user's group memberships." msgstr "Атрибут LDAP зі списком груп, у яких бере участь користувач." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365 +#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:371 msgid "Default: memberOf" msgstr "Типове значення: memberOf" @@ -3893,7 +3899,7 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 -#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "Типове значення: False" @@ -4185,7 +4191,7 @@ msgstr "" "дії TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1998 msgid "Default: 900 (15 minutes)" msgstr "Типове значення: 900 (15 хвилин)" @@ -4523,26 +4529,53 @@ msgstr "ldap_sasl_authid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1418 +#, fuzzy +#| msgid "" +#| "Specify the SASL authorization id to use. When GSSAPI is used, this " +#| "represents the Kerberos principal used for authentication to the " +#| "directory." msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " -"represents the Kerberos principal used for authentication to the directory." +"represents the Kerberos principal used for authentication to the directory. " +"This option can either contain the full principal (for example host/" +"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)." msgstr "" "Визначає ідентифікатор уповноваження SASL, який слід використовувати. Якщо " "використано GSSAPI, відповідає реєстраційному запису Kerberos, який " "використовується для розпізнавання під час доступу до каталогу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1423 +#: sssd-ldap.5.xml:1426 msgid "Default: host/hostname@REALM" msgstr "Типове значення: вузол/назва_вузла@ОБЛАСТЬ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1429 +#: sssd-ldap.5.xml:1432 +#, fuzzy +#| msgid "ldap_sasl_mech (string)" +msgid "ldap_sasl_realm (string)" +msgstr "ldap_sasl_mech (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1435 +msgid "" +"Specify the SASL realm to use. When not specified, this option defaults to " +"the value of krb5_realm. If the ldap_sasl_authid contains the realm as " +"well, this option is ignored." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1441 +msgid "Default: the value of krb5_realm." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1447 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1432 +#: sssd-ldap.5.xml:1450 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -4552,34 +4585,34 @@ msgstr "" "SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1455 msgid "Default: false;" msgstr "Типове значення: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1443 +#: sssd-ldap.5.xml:1461 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1446 +#: sssd-ldap.5.xml:1464 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Визначає таблицю ключів, яку слід використовувати разом з SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1449 +#: sssd-ldap.5.xml:1467 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Типове значення: системна таблиця ключів, зазвичай <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1455 +#: sssd-ldap.5.xml:1473 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1476 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4590,27 +4623,27 @@ msgstr "" "механізм GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1470 +#: sssd-ldap.5.xml:1488 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1473 +#: sssd-ldap.5.xml:1491 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Визначає строк дії (у секундах) TGT, якщо використовується GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1477 +#: sssd-ldap.5.xml:1495 msgid "Default: 86400 (24 hours)" msgstr "Типове значення: 86400 (24 години)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1486 +#: sssd-ldap.5.xml:1504 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4629,7 +4662,7 @@ msgstr "" "про виявлення служб можна дізнатися з розділу «ПОШУК СЛУЖБ»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4641,7 +4674,7 @@ msgstr "" "вдасться знайти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4652,29 +4685,29 @@ msgstr "" "варто перейти на використання «krb5_server» у файлах налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:260 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1515 +#: sssd-ldap.5.xml:1533 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Вказати область Kerberos (для розпізнавання за SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1518 +#: sssd-ldap.5.xml:1536 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418 +#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:275 sssd-krb5.5.xml:418 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1545 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -4684,12 +4717,12 @@ msgstr "" "версії MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1539 +#: sssd-ldap.5.xml:1557 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1542 +#: sssd-ldap.5.xml:1560 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4698,7 +4731,7 @@ msgstr "" "використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1565 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -4707,7 +4740,7 @@ msgstr "" "разі використання цього варіанта перевірку на боці сервера вимкнено не буде." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1570 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4718,7 +4751,7 @@ msgstr "" "manvolnum></citerefentry> для визначення того, чи чинним є пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1558 +#: sssd-ldap.5.xml:1576 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4728,19 +4761,24 @@ msgstr "" "для визначення завершення строку дії пароля. У разі зміни пароля " "скористайтеся chpass_provider=krb5 для оновлення цих атрибутів." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1582 +msgid "Default: none" +msgstr "Типове значення: none" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1570 +#: sssd-ldap.5.xml:1588 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1573 +#: sssd-ldap.5.xml:1591 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Визначає, чи має бути увімкнено автоматичне визначення напрямків пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 +#: sssd-ldap.5.xml:1595 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -4749,7 +4787,7 @@ msgstr "" "з версією OpenLDAP 2.4.13 або новішою версією." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1600 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4763,28 +4801,28 @@ msgstr "" "«false» може значно пришвидшити роботу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1596 +#: sssd-ldap.5.xml:1614 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1599 +#: sssd-ldap.5.xml:1617 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Визначає назву служби, яку буде використано у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1603 +#: sssd-ldap.5.xml:1621 msgid "Default: ldap" msgstr "Типове значення: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 +#: sssd-ldap.5.xml:1627 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1630 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -4793,17 +4831,17 @@ msgstr "" "уможливлює зміну паролів, у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1617 +#: sssd-ldap.5.xml:1635 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1623 +#: sssd-ldap.5.xml:1641 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1644 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -4812,12 +4850,12 @@ msgstr "" "щодо кількості днів з часу виконання дії зі зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1638 +#: sssd-ldap.5.xml:1656 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1659 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4835,12 +4873,12 @@ msgstr "" "скористайтеся параметром access_provider = permit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209 +#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2227 msgid "Example:" msgstr "Приклад:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1656 +#: sssd-ldap.5.xml:1674 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4852,7 +4890,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1678 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." @@ -4860,7 +4898,7 @@ msgstr "" "У прикладі доступ до вузла обмежено учасниками групи «allowedusers» у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1665 +#: sssd-ldap.5.xml:1683 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4874,17 +4912,17 @@ msgstr "" "таких прав не було надано, у автономному режимі їх також не буде надано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741 msgid "Default: Empty" msgstr "Типове значення: порожній рядок" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1679 +#: sssd-ldap.5.xml:1697 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1682 +#: sssd-ldap.5.xml:1700 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -4893,7 +4931,7 @@ msgstr "" "керування доступом на боці клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1686 +#: sssd-ldap.5.xml:1704 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4904,12 +4942,12 @@ msgstr "" "з відповідним кодом помилки, навіть якщо вказано правильний пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1693 +#: sssd-ldap.5.xml:1711 msgid "The following values are allowed:" msgstr "Можна використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1714 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -4918,7 +4956,7 @@ msgstr "" "визначити, чи завершено строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1701 +#: sssd-ldap.5.xml:1719 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4931,7 +4969,7 @@ msgstr "" "Також буде перевірено, чи не вичерпано строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1708 +#: sssd-ldap.5.xml:1726 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4942,7 +4980,7 @@ msgstr "" "ldap_ns_account_lock." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1732 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4955,30 +4993,30 @@ msgstr "" "атрибутів, надати доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1747 msgid "ldap_access_order (string)" msgstr "ldap_access_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1732 +#: sssd-ldap.5.xml:1750 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Список відокремлених комами параметрів керування доступом. Можливі значення " "списку:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1736 +#: sssd-ldap.5.xml:1754 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1739 +#: sssd-ldap.5.xml:1757 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" "<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1743 +#: sssd-ldap.5.xml:1761 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -4987,19 +5025,19 @@ msgstr "" "можливості доступу атрибут authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1766 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: за допомогою цього атрибута вузла можна визначити " "права доступу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1752 +#: sssd-ldap.5.xml:1770 msgid "Default: filter" msgstr "Типове значення: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1773 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -5008,12 +5046,12 @@ msgstr "" "використано декілька разів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1762 +#: sssd-ldap.5.xml:1780 msgid "ldap_deref (string)" msgstr "ldap_deref (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1765 +#: sssd-ldap.5.xml:1783 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -5022,13 +5060,13 @@ msgstr "" "пошуку. Можливі такі варіанти:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1788 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: ніколи не виконувати розіменування псевдонімів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1774 +#: sssd-ldap.5.xml:1792 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -5038,7 +5076,7 @@ msgstr "" "пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1779 +#: sssd-ldap.5.xml:1797 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -5047,7 +5085,7 @@ msgstr "" "під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1784 +#: sssd-ldap.5.xml:1802 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -5056,7 +5094,7 @@ msgstr "" "час пошуку, так і під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1807 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -5080,57 +5118,57 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1818 msgid "SUDO OPTIONS" msgstr "ПАРАМЕТРИ SUDO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1804 +#: sssd-ldap.5.xml:1822 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 +#: sssd-ldap.5.xml:1825 msgid "The object class of a sudo rule entry in LDAP." msgstr "Клас об’єктів запису правила sudo у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1810 +#: sssd-ldap.5.xml:1828 msgid "Default: sudoRole" msgstr "Типове значення: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1816 +#: sssd-ldap.5.xml:1834 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1819 +#: sssd-ldap.5.xml:1837 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "Атрибут LDAP, що відповідає назві правила sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1829 +#: sssd-ldap.5.xml:1847 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1832 +#: sssd-ldap.5.xml:1850 msgid "The LDAP attribute that corresponds to the command name." msgstr "Атрибут LDAP, що відповідає назві команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1836 +#: sssd-ldap.5.xml:1854 msgid "Default: sudoCommand" msgstr "Типове значення: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1842 +#: sssd-ldap.5.xml:1860 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1845 +#: sssd-ldap.5.xml:1863 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -5139,17 +5177,17 @@ msgstr "" "вузла, мережевій групі вузла)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1868 msgid "Default: sudoHost" msgstr "Типове значення: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1856 +#: sssd-ldap.5.xml:1874 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -5158,32 +5196,32 @@ msgstr "" "або назві мережевої групи користувача)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1863 +#: sssd-ldap.5.xml:1881 msgid "Default: sudoUser" msgstr "Типове значення: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1887 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1890 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "Атрибут LDAP, що відповідає параметрам sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1894 msgid "Default: sudoOption" msgstr "Типове значення: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1882 +#: sssd-ldap.5.xml:1900 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1885 +#: sssd-ldap.5.xml:1903 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -5192,17 +5230,17 @@ msgstr "" "команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1889 +#: sssd-ldap.5.xml:1907 msgid "Default: sudoRunAsUser" msgstr "Типове значення: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1895 +#: sssd-ldap.5.xml:1913 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1916 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -5211,17 +5249,17 @@ msgstr "" "виконувати команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1920 msgid "Default: sudoRunAsGroup" msgstr "Типове значення: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1926 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1929 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -5229,49 +5267,49 @@ msgstr "" "Атрибут LDAP, що відповідає даті і часу набуття чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1915 +#: sssd-ldap.5.xml:1933 msgid "Default: sudoNotBefore" msgstr "Типове значення: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1939 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1924 +#: sssd-ldap.5.xml:1942 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "Атрибут LDAP, що відповідає даті і часу втрати чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1947 msgid "Default: sudoNotAfter" msgstr "Типове значення: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1935 +#: sssd-ldap.5.xml:1953 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1938 +#: sssd-ldap.5.xml:1956 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "Атрибут LDAP, що відповідає порядковому номеру правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1942 +#: sssd-ldap.5.xml:1960 msgid "Default: sudoOrder" msgstr "Типове значення: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1948 +#: sssd-ldap.5.xml:1966 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1951 +#: sssd-ldap.5.xml:1969 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -5281,7 +5319,7 @@ msgstr "" "набір правил, що зберігаються на сервері." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1956 +#: sssd-ldap.5.xml:1974 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -5290,17 +5328,17 @@ msgstr "" "<emphasis>ldap_sudo_smart_refresh_interval </emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1979 msgid "Default: 21600 (6 hours)" msgstr "Типове значення: 21600 (6 годин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1967 +#: sssd-ldap.5.xml:1985 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1970 +#: sssd-ldap.5.xml:1988 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5311,7 +5349,7 @@ msgstr "" "правил, USN яких перевищує найбільше значення USN у кешованих правилах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1976 +#: sssd-ldap.5.xml:1994 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -5320,12 +5358,12 @@ msgstr "" "дані атрибута modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1986 +#: sssd-ldap.5.xml:2004 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1989 +#: sssd-ldap.5.xml:2007 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -5335,12 +5373,12 @@ msgstr "" "назв вузлів)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2000 +#: sssd-ldap.5.xml:2018 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2003 +#: sssd-ldap.5.xml:2021 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -5349,7 +5387,7 @@ msgstr "" "фільтрування списку правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2026 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -5358,8 +5396,8 @@ msgstr "" "назву вузла та повну назву комп’ютера у домені у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 -#: sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2031 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072 +#: sssd-ldap.5.xml:2090 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -5368,17 +5406,17 @@ msgstr "" "<emphasis>false</emphasis>, цей параметр ні на що не впливатиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041 +#: sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2059 msgid "Default: not specified" msgstr "Типове значення: не вказано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2024 +#: sssd-ldap.5.xml:2042 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2045 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -5387,7 +5425,7 @@ msgstr "" "правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2032 +#: sssd-ldap.5.xml:2050 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -5396,12 +5434,12 @@ msgstr "" "адресу у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2065 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2050 +#: sssd-ldap.5.xml:2068 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -5410,12 +5448,12 @@ msgstr "" "мережеву групу (netgroup) у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2065 +#: sssd-ldap.5.xml:2083 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2068 +#: sssd-ldap.5.xml:2086 msgid "" "If true then SSSD will download every rule that contains a regular " "expression in sudoHost attribute." @@ -5424,12 +5462,12 @@ msgstr "" "формальний вираз у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1820 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2084 +#: sssd-ldap.5.xml:2102 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5442,12 +5480,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2094 +#: sssd-ldap.5.xml:2112 msgid "AUTOFS OPTIONS" msgstr "ПАРАМЕТРИ AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2114 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." @@ -5456,47 +5494,47 @@ msgstr "" "визначено у RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2102 +#: sssd-ldap.5.xml:2120 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2123 sssd-ldap.5.xml:2149 msgid "The object class of an automount map entry in LDAP." msgstr "Клас об’єктів запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135 +#: sssd-ldap.5.xml:2126 sssd-ldap.5.xml:2153 msgid "Default: automountMap" msgstr "Типове значення: automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2133 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2118 +#: sssd-ldap.5.xml:2136 msgid "The name of an automount map entry in LDAP." msgstr "Назва запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2139 msgid "Default: ou" msgstr "Типове значення: ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2128 +#: sssd-ldap.5.xml:2146 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2142 +#: sssd-ldap.5.xml:2160 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159 +#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2177 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -5505,17 +5543,17 @@ msgstr "" "точні монтування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2156 +#: sssd-ldap.5.xml:2174 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 +#: sssd-ldap.5.xml:2181 msgid "Default: automountInformation" msgstr "Типове значення: automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2100 +#: sssd-ldap.5.xml:2118 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5528,32 +5566,32 @@ msgstr "" "\"variablelist\" id=\"4\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2173 +#: sssd-ldap.5.xml:2191 msgid "ADVANCED OPTIONS" msgstr "ДОДАТКОВІ ПАРАМЕТРИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2180 +#: sssd-ldap.5.xml:2198 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2185 +#: sssd-ldap.5.xml:2203 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2190 +#: sssd-ldap.5.xml:2208 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2213 msgid "ldap_user_search_filter (string)" msgstr "ldap_user_search_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2198 +#: sssd-ldap.5.xml:2216 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." @@ -5562,7 +5600,7 @@ msgstr "" "фільтрування LDAP, яким буде обмежено пошук користувачів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2202 +#: sssd-ldap.5.xml:2220 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." @@ -5571,7 +5609,7 @@ msgstr "" "використовувати синтаксичні конструкції з ldap_user_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2212 +#: sssd-ldap.5.xml:2230 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -5581,7 +5619,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2215 +#: sssd-ldap.5.xml:2233 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." @@ -5590,12 +5628,12 @@ msgstr "" "яких встановлено командну оболонку /bin/tcsh." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2222 +#: sssd-ldap.5.xml:2240 msgid "ldap_group_search_filter (string)" msgstr "ldap_group_search_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2225 +#: sssd-ldap.5.xml:2243 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." @@ -5604,7 +5642,7 @@ msgstr "" "фільтрування LDAP, яким буде обмежено пошук груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2247 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." @@ -5613,17 +5651,17 @@ msgstr "" "використовувати синтаксичні конструкції з ldap_group_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2257 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2244 +#: sssd-ldap.5.xml:2262 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2175 +#: sssd-ldap.5.xml:2193 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5634,7 +5672,7 @@ msgstr "" "відомі наслідки ваших дій. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2261 +#: sssd-ldap.5.xml:2279 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5645,7 +5683,7 @@ msgstr "" "</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2267 +#: sssd-ldap.5.xml:2285 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5667,19 +5705,19 @@ msgstr "" " enumerate = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 -#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 +#: sssd-ldap.5.xml:2284 sssd-simple.5.xml:139 sssd-ipa.5.xml:620 +#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 #: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2298 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЗАУВАЖЕННЯ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2282 +#: sssd-ldap.5.xml:2300 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6078,7 +6116,7 @@ msgstr "" "обробляються." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </" @@ -6093,6 +6131,14 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:120 msgid "" +"Specifying no values for any of the lists is equivalent to skipping it " +"entirely. Beware of this while generating parameters for the simple provider " +"using automated scripts." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:125 +msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" @@ -6100,7 +6146,7 @@ msgstr "" "simple_deny_users, є помилкою у налаштуванні." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:128 +#: sssd-simple.5.xml:133 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6112,7 +6158,7 @@ msgstr "" "доступу." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:135 +#: sssd-simple.5.xml:140 #, no-wrap msgid "" " [domain/example.com]\n" @@ -6190,13 +6236,21 @@ msgstr "" "вузлів). Докладнішу інформацію щодо HBAC можна отримати на сайті freeipa." "org. У налаштуванні керування доступом на боці клієнта немає потреби." +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:62 +msgid "" +"The IPA provider will use the PAC responder if the Kerberos tickets of users " +"from trusted realms contain a PAC. To make configuration easier the PAC " +"responder is started automatically if the IPA ID provider is configured." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:72 +#: sssd-ipa.5.xml:78 msgid "ipa_domain (string)" msgstr "ipa_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:75 +#: sssd-ipa.5.xml:81 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." @@ -6205,12 +6259,12 @@ msgstr "" "використано назву домену з налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:83 +#: sssd-ipa.5.xml:89 msgid "ipa_server, ipa_backup_server (string)" msgstr "ipa_server, ipa_backup_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:86 +#: sssd-ipa.5.xml:92 msgid "" "The comma-separated list of IP addresses or hostnames of the IPA servers to " "which SSSD should connect in the order of preference. For more information " @@ -6226,12 +6280,12 @@ msgstr "" "СЛУЖБ»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:99 +#: sssd-ipa.5.xml:105 msgid "ipa_hostname (string)" msgstr "ipa_hostname (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:102 +#: sssd-ipa.5.xml:108 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." @@ -6241,12 +6295,12 @@ msgstr "" "цього вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:110 +#: sssd-ipa.5.xml:116 msgid "ipa_dyndns_update (boolean)" msgstr "ipa_dyndns_update (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:113 +#: sssd-ipa.5.xml:119 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." @@ -6256,7 +6310,7 @@ msgstr "" "клієнтського комп’ютера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:118 +#: sssd-ipa.5.xml:124 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -6266,12 +6320,12 @@ msgstr "" "у /etc/krb5.conf" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 +#: sssd-ipa.5.xml:135 msgid "ipa_dyndns_iface (string)" msgstr "ipa_dyndns_iface (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:132 +#: sssd-ipa.5.xml:138 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." @@ -6281,40 +6335,40 @@ msgstr "" "оновлень DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:137 +#: sssd-ipa.5.xml:143 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "Типове значення: використовувати IP-адресу з’єднання LDAP IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:143 +#: sssd-ipa.5.xml:149 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:146 +#: sssd-ipa.5.xml:152 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку пов’язаних з " "HBAC об’єктів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:150 +#: sssd-ipa.5.xml:156 msgid "Default: Use base DN" msgstr "Типове значення: використання базової назви домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:156 +#: sssd-ipa.5.xml:162 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:159 +#: sssd-ipa.5.xml:165 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку об’єктів вузлів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225 +#: sssd-ipa.5.xml:169 sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 sssd-ipa.5.xml:231 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." @@ -6323,7 +6377,7 @@ msgstr "" "налаштування декількох основ пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 +#: sssd-ipa.5.xml:174 msgid "" "If filter is given in any of search bases and " "<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter " @@ -6334,64 +6388,64 @@ msgstr "" "проігноровано." #. type: Content of: <listitem><para> -#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 +#: sssd-ipa.5.xml:179 sssd-ipa.5.xml:198 include/ldap_search_bases.xml:23 #: include/ldap_search_bases_experimental.xml:23 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Типове значення: значення <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:180 +#: sssd-ipa.5.xml:186 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:183 +#: sssd-ipa.5.xml:189 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку карт " "користувачів SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:199 +#: sssd-ipa.5.xml:205 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:202 +#: sssd-ipa.5.xml:208 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку надійних доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:211 +#: sssd-ipa.5.xml:217 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Типове значення: значення <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:218 +#: sssd-ipa.5.xml:224 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:221 +#: sssd-ipa.5.xml:227 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку основного " "об’єкта домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 +#: sssd-ipa.5.xml:236 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" "Типове значення: значення виразу <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232 +#: sssd-ipa.5.xml:243 sssd-krb5.5.xml:232 msgid "krb5_validate (boolean)" msgstr "krb5_validate (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:240 +#: sssd-ipa.5.xml:246 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." @@ -6399,7 +6453,7 @@ msgstr "" "Перевірити за допомогою krb5_keytab, чи не було підмінено отриманий TGT." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:247 +#: sssd-ipa.5.xml:253 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6408,7 +6462,7 @@ msgstr "" "модуля Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:257 +#: sssd-ipa.5.xml:263 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -6417,7 +6471,7 @@ msgstr "" "«ipa_domain»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:261 +#: sssd-ipa.5.xml:267 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -6426,7 +6480,7 @@ msgstr "" "перетворено у основний DN для виконання дій LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:272 +#: sssd-ipa.5.xml:278 msgid "" "Specifies if the host and user principal should be canonicalized when " "connecting to IPA LDAP and also for AS requests. This feature is available " @@ -6437,12 +6491,12 @@ msgstr "" "запитів AS. Цю можливість передбачено з версії MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:285 +#: sssd-ipa.5.xml:291 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:288 +#: sssd-ipa.5.xml:294 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -6453,17 +6507,17 @@ msgstr "" "короткого періоду часу надходить багато запитів щодо керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:295 +#: sssd-ipa.5.xml:301 msgid "Default: 5 (seconds)" msgstr "Типове значення: 5 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:300 +#: sssd-ipa.5.xml:306 msgid "ipa_hbac_treat_deny_as (string)" msgstr "ipa_hbac_treat_deny_as (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:303 +#: sssd-ipa.5.xml:309 msgid "" "This option specifies how to treat the deprecated DENY-type HBAC rules. As " "of FreeIPA v2.1, DENY rules are no longer supported on the server. All users " @@ -6477,7 +6531,7 @@ msgstr "" "періоду передбачено два режими обробки таких правил:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:312 +#: sssd-ipa.5.xml:318 msgid "" "<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all " "users will be denied access." @@ -6486,7 +6540,7 @@ msgstr "" "DENY, всім користувачам доступ буде заборонено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 +#: sssd-ipa.5.xml:323 msgid "" "<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very " "careful with this option, as it may result in opening unintended access." @@ -6496,17 +6550,17 @@ msgstr "" "небажаним користувачам." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 +#: sssd-ipa.5.xml:328 msgid "Default: DENY_ALL" msgstr "Типове значення: DENY_ALL" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:327 +#: sssd-ipa.5.xml:333 msgid "ipa_hbac_support_srchost (boolean)" msgstr "ipa_hbac_support_srchost (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:330 +#: sssd-ipa.5.xml:336 msgid "" "If this is set to false, then srchost as given to SSSD by PAM will be " "ignored." @@ -6515,7 +6569,7 @@ msgstr "" "даних PAM, буде проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:334 +#: sssd-ipa.5.xml:340 msgid "" "Note that if set to <emphasis>False</emphasis>, this option casuses filters " "given in <emphasis>ipa_host_search_base</emphasis> to be ignored;" @@ -6525,38 +6579,38 @@ msgstr "" "буде проігноровано;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:345 +#: sssd-ipa.5.xml:351 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:348 +#: sssd-ipa.5.xml:354 msgid "The automounter location this IPA client will be using" msgstr "" "Адреса автоматичного монтування, яку буде використовувати цей клієнт IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:351 +#: sssd-ipa.5.xml:357 msgid "Default: The location named \"default\"" msgstr "Типове значення: адреса з назвою \"default\"" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:358 +#: sssd-ipa.5.xml:364 msgid "ipa_netgroup_member_of (string)" msgstr "ipa_netgroup_member_of (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:361 +#: sssd-ipa.5.xml:367 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "Атрибут LDAP зі списком учасників мережевої групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:370 +#: sssd-ipa.5.xml:376 msgid "ipa_netgroup_member_user (string)" msgstr "ipa_netgroup_member_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:373 +#: sssd-ipa.5.xml:379 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." @@ -6565,17 +6619,17 @@ msgstr "" "учасниками мережевої групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473 +#: sssd-ipa.5.xml:384 sssd-ipa.5.xml:479 msgid "Default: memberUser" msgstr "Типове значення: memberUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:383 +#: sssd-ipa.5.xml:389 msgid "ipa_netgroup_member_host (string)" msgstr "ipa_netgroup_member_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:386 +#: sssd-ipa.5.xml:392 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." @@ -6584,17 +6638,17 @@ msgstr "" "учасниками мережевої групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485 +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:491 msgid "Default: memberHost" msgstr "Типове значення: memberHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:395 +#: sssd-ipa.5.xml:401 msgid "ipa_netgroup_member_ext_host (string)" msgstr "ipa_netgroup_member_ext_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:398 +#: sssd-ipa.5.xml:404 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." @@ -6603,78 +6657,78 @@ msgstr "" "мережевої групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:402 +#: sssd-ipa.5.xml:408 msgid "Default: externalHost" msgstr "Типове значення: externalHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:407 +#: sssd-ipa.5.xml:413 msgid "ipa_netgroup_domain (string)" msgstr "ipa_netgroup_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:410 +#: sssd-ipa.5.xml:416 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" "Атрибут LDAP, у якому міститься доменна назва NIS мережевої групи (netgroup)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:414 +#: sssd-ipa.5.xml:420 msgid "Default: nisDomainName" msgstr "Типове значення: nisDomainName" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:420 +#: sssd-ipa.5.xml:426 msgid "ipa_host_object_class (string)" msgstr "ipa_host_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:429 sssd-ipa.5.xml:452 msgid "The object class of a host entry in LDAP." msgstr "Клас об’єктів запису вузла у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:432 sssd-ipa.5.xml:455 msgid "Default: ipaHost" msgstr "Типове значення: ipaHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:431 +#: sssd-ipa.5.xml:437 msgid "ipa_host_fqdn (string)" msgstr "ipa_host_fqdn (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:434 +#: sssd-ipa.5.xml:440 msgid "The LDAP attribute that contains FQDN of the host." msgstr "Атрибут LDAP, що містить FQDN вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:437 +#: sssd-ipa.5.xml:443 msgid "Default: fqdn" msgstr "Типове значення: fqdn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:443 +#: sssd-ipa.5.xml:449 msgid "ipa_selinux_usermap_object_class (string)" msgstr "ipa_selinux_usermap_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:454 +#: sssd-ipa.5.xml:460 msgid "ipa_selinux_usermap_name (string)" msgstr "ipa_selinux_usermap_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:457 +#: sssd-ipa.5.xml:463 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "Атрибут LDAP, що містить назву карти користувачів SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:466 +#: sssd-ipa.5.xml:472 msgid "ipa_selinux_usermap_member_user (string)" msgstr "ipa_selinux_usermap_member_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:469 +#: sssd-ipa.5.xml:475 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" @@ -6682,12 +6736,12 @@ msgstr "" "правило." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:478 +#: sssd-ipa.5.xml:484 msgid "ipa_selinux_usermap_member_host (string)" msgstr "ipa_selinux_usermap_member_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:481 +#: sssd-ipa.5.xml:487 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." @@ -6696,12 +6750,12 @@ msgstr "" "це правило." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:490 +#: sssd-ipa.5.xml:496 msgid "ipa_selinux_usermap_see_also (string)" msgstr "ipa_selinux_usermap_see_also (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:499 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost" @@ -6710,32 +6764,32 @@ msgstr "" "для встановлення відповідності замість memberUser і memberHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:498 +#: sssd-ipa.5.xml:504 msgid "Default: seeAlso" msgstr "Типове значення: seeAlso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:503 +#: sssd-ipa.5.xml:509 msgid "ipa_selinux_usermap_selinux_user (string)" msgstr "ipa_selinux_usermap_selinux_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:506 +#: sssd-ipa.5.xml:512 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "Атрибут LDAP, який містить сам рядок користувача SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:510 +#: sssd-ipa.5.xml:516 msgid "Default: ipaSELinuxUser" msgstr "Типове значення: ipaSELinuxUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:521 msgid "ipa_selinux_usermap_enabled (string)" msgstr "ipa_selinux_usermap_enabled (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:518 +#: sssd-ipa.5.xml:524 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." @@ -6744,72 +6798,104 @@ msgstr "" "користувачів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:522 +#: sssd-ipa.5.xml:528 msgid "Default: ipaEnabledFlag" msgstr "Типове значення: ipaEnabledFlag" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:527 +#: sssd-ipa.5.xml:533 msgid "ipa_selinux_usermap_user_category (string)" msgstr "ipa_selinux_usermap_user_category (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:530 +#: sssd-ipa.5.xml:536 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "Атрибут LDAP, що містить категорію користувачів, зокрема 'all'." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:540 msgid "Default: userCategory" msgstr "Типове значення: userCategory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:539 +#: sssd-ipa.5.xml:545 msgid "ipa_selinux_usermap_host_category (string)" msgstr "ipa_selinux_usermap_host_category (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:542 +#: sssd-ipa.5.xml:548 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "Атрибут LDAP, що містить категорію вузлів, зокрема 'all'." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:546 +#: sssd-ipa.5.xml:552 msgid "Default: hostCategory" msgstr "Типове значення: hostCategory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:551 +#: sssd-ipa.5.xml:557 msgid "ipa_selinux_usermap_uuid (string)" msgstr "ipa_selinux_usermap_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:554 +#: sssd-ipa.5.xml:560 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "Атрибут LDAP, що містить унікальний ідентифікатор карти користувачів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:558 +#: sssd-ipa.5.xml:564 msgid "Default: ipaUniqueID" msgstr "Типове значення: ipaUniqueID" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:563 +#: sssd-ipa.5.xml:569 msgid "ipa_host_ssh_public_key (string)" msgstr "ipa_host_ssh_public_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:566 +#: sssd-ipa.5.xml:572 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "Атрибут LDAP, який містить відкриті ключі SSH вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:570 +#: sssd-ipa.5.xml:576 msgid "Default: ipaSshPubKey" msgstr "Типове значення: ipaSshPubKey" -#. type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd-ipa.5.xml:585 +msgid "SUBDOMAINS PROVIDER" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:587 +msgid "" +"The IPA subdomains provider behaves slightly differently if it is configured " +"explicitly or implicitly." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:591 +msgid "" +"If the option 'subdomains_provider = ipa' is found in the domain section of " +"sssd.conf, the IPA subdomains provider is configured explicitly, and all " +"subdomain requests are sent to the IPA server if necessary." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:597 +msgid "" +"If the option 'subdomains_provider' is not set in the domain section of sssd." +"conf but there is the option 'id_provider = ipa', the IPA subdomains " +"provider is configured implictly. In this case, if a subdomain request fails " +"and indicates that the server does not support subdomains, i.e. is not " +"configured for trusts, the IPA subdomains provider is disabled. After an " +"hour or after the IPA provider goes online, the subdomains provider is " +"enabled again." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ipa.5.xml:614 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6821,7 +6907,7 @@ msgstr "" "ipa." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:592 +#: sssd-ipa.5.xml:621 #, no-wrap msgid "" " [domain/example.com]\n" @@ -7011,7 +7097,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:230 +#: sssd-ad.5.xml:231 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -7022,7 +7108,7 @@ msgstr "" "У прикладі продемонстровано лише параметри доступу, специфічні для засобу AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:237 +#: sssd-ad.5.xml:238 #, no-wrap msgid "" "[domain/EXAMPLE]\n" -- cgit