From fea9a746b6eebe92eb9acb525cd8005facd776a9 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Thu, 19 Dec 2013 18:48:24 +0100 Subject: Updating translations for the 1.11.3 release --- src/man/po/br.po | 683 ++++++++++++++++++++++++---------------------- src/man/po/ca.po | 689 ++++++++++++++++++++++++---------------------- src/man/po/cs.po | 681 ++++++++++++++++++++++++---------------------- src/man/po/es.po | 691 +++++++++++++++++++++++++---------------------- src/man/po/eu.po | 681 ++++++++++++++++++++++++---------------------- src/man/po/fr.po | 689 ++++++++++++++++++++++++---------------------- src/man/po/ja.po | 689 ++++++++++++++++++++++++---------------------- src/man/po/lv.po | 685 ++++++++++++++++++++++++---------------------- src/man/po/nl.po | 685 ++++++++++++++++++++++++---------------------- src/man/po/pt.po | 687 ++++++++++++++++++++++++---------------------- src/man/po/ru.po | 683 ++++++++++++++++++++++++---------------------- src/man/po/sssd-docs.pot | 661 ++++++++++++++++++++++++--------------------- src/man/po/tg.po | 683 ++++++++++++++++++++++++---------------------- src/man/po/uk.po | 689 ++++++++++++++++++++++++---------------------- src/man/po/zh_CN.po | 683 ++++++++++++++++++++++++---------------------- 15 files changed, 5441 insertions(+), 4818 deletions(-) (limited to 'src/man') diff --git a/src/man/po/br.po b/src/man/po/br.po index bb63b3129..5c3a55c72 100644 --- a/src/man/po/br.po +++ b/src/man/po/br.po @@ -8,8 +8,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-07-24 12:28+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: jhrozek \n" "Language-Team: Breton (http://www.transifex.com/projects/p/fedora/language/" "br/)\n" @@ -438,8 +438,8 @@ msgid "" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -497,10 +497,10 @@ msgstr "" #. type: Content of: #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Dre ziouer : true" @@ -516,8 +516,8 @@ msgstr "" #. type: Content of: #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -536,7 +536,7 @@ msgid "" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "" @@ -575,7 +575,7 @@ msgstr "" #. type: Content of: #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "" @@ -1338,7 +1338,7 @@ msgid "" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "" @@ -2018,8 +2018,8 @@ msgid "" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" @@ -2063,7 +2063,7 @@ msgid "" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "" @@ -2321,8 +2321,8 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "" @@ -2758,7 +2758,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "" @@ -2785,14 +2785,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "" @@ -3129,8 +3129,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "" @@ -3295,29 +3295,54 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 -msgid "ldap_group_nesting_level (integer)" +msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:855 msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:876 +msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " "follow. This option has no effect on the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3325,14 +3350,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3340,7 +3365,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3349,18 +3374,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3368,172 +3393,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3541,7 +3566,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3549,12 +3574,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3562,12 +3587,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3578,12 +3603,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3591,12 +3616,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3605,34 +3630,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3640,14 +3665,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3655,17 +3680,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3675,12 +3700,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3688,17 +3713,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3706,13 +3731,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3721,7 +3746,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3729,26 +3754,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3756,7 +3781,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3764,7 +3789,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3772,41 +3797,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3815,32 +3840,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -3848,24 +3873,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -3873,17 +3898,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -3894,29 +3919,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -3925,17 +3950,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -3943,49 +3968,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3993,27 +4018,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4025,7 +4050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4033,7 +4058,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4041,39 +4066,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4083,7 +4108,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4091,26 +4116,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4118,7 +4143,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4126,31 +4151,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4159,56 +4184,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4219,12 +4244,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4233,14 +4258,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4249,24 +4274,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4274,19 +4299,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4295,7 +4320,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4303,7 +4328,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4312,7 +4337,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4320,108 +4345,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4432,7 +4457,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4450,213 +4475,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4664,106 +4689,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4772,76 +4797,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4850,46 +4875,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4897,43 +4922,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4941,7 +4966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4949,7 +4974,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4962,20 +4987,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5410,7 +5435,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -5425,7 +5450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5440,12 +5465,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5466,12 +5491,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5513,12 +5538,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5526,12 +5551,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5550,19 +5575,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5665,7 +5690,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6282,7 +6307,7 @@ msgstr "" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -6343,9 +6368,23 @@ msgstr "" msgid "Default: Not set" msgstr "Dre ziouer : true" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +msgid "ad_enable_gc (boolean)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6355,29 +6394,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6385,7 +6424,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6400,7 +6439,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6409,7 +6448,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6417,7 +6456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/ca.po b/src/man/po/ca.po index 0d744adc0..6e2a89e1a 100644 --- a/src/man/po/ca.po +++ b/src/man/po/ca.po @@ -10,8 +10,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-07-24 12:28+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Catalan (http://www.transifex.com/projects/p/fedora/language/" "ca/)\n" @@ -482,8 +482,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -551,10 +551,10 @@ msgstr "Afegir una marca de temps als missatges de depuració" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Per defecte: true" @@ -570,8 +570,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -590,7 +590,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "Per defecte: 10" @@ -629,7 +629,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "Per defecte: 60" @@ -1453,7 +1453,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "Per defecte: none" @@ -2187,8 +2187,8 @@ msgstr "" "aquest temps d'espera, el domini seguirà operant en el mode fora de línia." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Per defecte: 6" @@ -2234,7 +2234,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "" @@ -2522,8 +2522,8 @@ msgid "Default: None, no command is run" msgstr "Per defecte: Cap, no s'executa cap comanda" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "EXEMPLE" @@ -3011,7 +3011,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "L'atribut LDAP que conté el UUID/GUID d'un objecte d'usuari d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "Per defecte: nsUniqueId" @@ -3038,7 +3038,7 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -3047,7 +3047,7 @@ msgstr "" "pare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "Per defecte: modifyTimestamp" @@ -3423,8 +3423,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'atribut LDAP que correspon al nom complet de l'usuari." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "Per defecte: cn" @@ -3594,11 +3594,40 @@ msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 +#, fuzzy +#| msgid "ldap_opt_timeout (integer)" +msgid "ldap_group_type (integer)" +msgstr "ldap_opt_timeout (enter)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:855 +#, fuzzy +#| msgid "The LDAP attribute that contains the names of the group's members." +msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "L'atribut LDAP que conté els noms dels membres del grup." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:876 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3609,17 +3638,17 @@ msgstr "" "seguirà l'SSSD. Aquesta opció no té cap efecte sobre l'esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "Per defecte: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3627,14 +3656,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3642,7 +3671,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3651,18 +3680,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3670,173 +3699,173 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objecte d'una entrada de netgroup a LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "Per defecte: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'atribut LDAP que es correspon amb el nom del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'atribut LDAP que conté els noms dels membres del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "Per defecte: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "L'atribut LDAP que conté les tripletes netgroup (maquina, usuari, domini)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "Per defecte: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "ldap_netgroup_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "L'atribut LDAP que conté el UUID/GUID d'un objecte de netgroup d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3844,7 +3873,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3852,12 +3881,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3865,12 +3894,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3887,12 +3916,12 @@ msgstr "" "manvolnum></citerefentry> retorna en cas de cap activitat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3903,12 +3932,12 @@ msgstr "" "temps d'espera en comunicar amb el KDC en cas d'un vincle SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3917,34 +3946,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3952,14 +3981,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3967,17 +3996,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3987,12 +4016,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -4000,17 +4029,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -4018,13 +4047,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -4033,7 +4062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -4041,12 +4070,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -4056,7 +4085,7 @@ msgstr "" "valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -4065,7 +4094,7 @@ msgstr "" "certificat del servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4077,7 +4106,7 @@ msgstr "" "normalment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4088,7 +4117,7 @@ msgstr "" "proporciona un certificat dolent, immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4099,22 +4128,22 @@ msgstr "" "immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "Per defecte: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -4123,7 +4152,7 @@ msgstr "" "Certificació que reconeixerà l'<command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -4132,12 +4161,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4151,32 +4180,32 @@ msgstr "" "correctes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4184,12 +4213,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -4198,12 +4227,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> per a protegir el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4211,17 +4240,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4232,17 +4261,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -4251,12 +4280,12 @@ msgstr "" "i suportat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4265,17 +4294,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4283,51 +4312,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Especifica el fitxer keytab a utilitzar quan s'utilitza SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Per defecte: Fitxer keytab de sistema, normalment <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4338,27 +4367,27 @@ msgstr "" "seleccionat és GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Especifica el temps de vida en segons de la TGT si s'utilitza GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "Per defecte: 86400 (24 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4370,7 +4399,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4381,7 +4410,7 @@ msgstr "" "retorna a _tcp si no se'n troba cap." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4393,41 +4422,41 @@ msgstr "" "<quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Especifica l'àmbit KERBEROS (per a autenticació SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Per defecte: Paràmetres predeterminats del sistema, vegeu <filename>/etc/" "krb5.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4437,7 +4466,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4445,12 +4474,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4459,7 +4488,7 @@ msgstr "" "costat del client. S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -4468,7 +4497,7 @@ msgstr "" "opció no inhabilita les polítiques de contrasenya de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4476,7 +4505,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4488,25 +4517,25 @@ msgstr "" "contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguiment automàtic del referenciador s'hauria d'habilitar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -4515,7 +4544,7 @@ msgstr "" "quan és compilat amb la versió d'OpenLDAP 2.4.13 o superior." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4524,29 +4553,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nom de servei per utilitzar quan està habilitada la detecció " "de serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "Per defecte: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -4555,30 +4584,30 @@ msgstr "" "permet canvis de contrasenya quan està habilitada la detecció de serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Defecte: no definit, és a dir, el descobriment de serveis està inhabilitat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4589,12 +4618,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "Exemple:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4606,7 +4635,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." @@ -4615,7 +4644,7 @@ msgstr "" "membres del grup d'ldap \"allowedusers\"." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4628,17 +4657,17 @@ msgstr "" "concedint accés en estar fora de línia i viceversa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "Per defecte: Buit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -4647,7 +4676,7 @@ msgstr "" "d'atributs de control d'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4659,12 +4688,12 @@ msgstr "" "contrasenya és correcta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -4673,7 +4702,7 @@ msgstr "" "determinar si el compte ha caducat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4682,7 +4711,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4690,7 +4719,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4699,7 +4728,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4707,29 +4736,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Llista separada per comes d'opcions de control d'accés. Els valors permesos " "són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: utilitza ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -4738,17 +4767,17 @@ msgstr "" "authorizedService per determinar l'accés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "Per defecte: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -4757,12 +4786,12 @@ msgstr "" "s'utilitza més d'una vegada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -4771,13 +4800,13 @@ msgstr "" "cerca. S'admeten les opcions següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: les referències dels àlies mai són eliminades." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -4787,7 +4816,7 @@ msgstr "" "de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -4796,7 +4825,7 @@ msgstr "" "només en localitzar l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -4805,7 +4834,7 @@ msgstr "" "en la recerca i en la localització de l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4814,19 +4843,19 @@ msgstr "" "llibreries client d'LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4837,7 +4866,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4861,213 +4890,213 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5075,106 +5104,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5183,76 +5212,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5261,46 +5290,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "OPCIONS AVANÇADES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -5308,43 +5337,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5355,7 +5384,7 @@ msgstr "" "sabeu el que estau fent. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5366,7 +5395,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5379,20 +5408,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5913,7 +5942,7 @@ msgstr "" "complet utilitzat en el domini d'IPA per identificar aquest amfitrió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -5928,7 +5957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5943,12 +5972,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5969,12 +5998,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -6016,12 +6045,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -6029,12 +6058,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -6053,19 +6082,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -6170,7 +6199,7 @@ msgstr "" "suplantada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6799,7 +6828,7 @@ msgstr "ldap_access_filter (cadena)" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -6860,9 +6889,25 @@ msgstr "" msgid "Default: Not set" msgstr "Per defecte: true" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +#, fuzzy +#| msgid "ldap_referrals (boolean)" +msgid "ad_enable_gc (boolean)" +msgstr "ldap_referrals (booleà)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6872,29 +6917,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6902,7 +6947,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6917,7 +6962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6926,7 +6971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6934,7 +6979,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/cs.po b/src/man/po/cs.po index 75028dd0a..da44ba11d 100644 --- a/src/man/po/cs.po +++ b/src/man/po/cs.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" "PO-Revision-Date: 2012-05-22 13:44+0000\n" "Last-Translator: sgallagh <sgallagh@redhat.com>\n" "Language-Team: Czech (http://www.transifex.com/projects/p/fedora/language/" @@ -433,8 +433,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -492,10 +492,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -511,8 +511,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -531,7 +531,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "" @@ -570,7 +570,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "" @@ -1331,7 +1331,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "" @@ -2011,8 +2011,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" @@ -2056,7 +2056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "" @@ -2314,8 +2314,8 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "" @@ -2751,7 +2751,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "" @@ -2778,14 +2778,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "" @@ -3122,8 +3122,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "" @@ -3288,29 +3288,54 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 -msgid "ldap_group_nesting_level (integer)" +msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:855 msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:876 +msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " "follow. This option has no effect on the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3318,14 +3343,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3333,7 +3358,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3342,18 +3367,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3361,172 +3386,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3534,7 +3559,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3542,12 +3567,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3555,12 +3580,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3571,12 +3596,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3584,12 +3609,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3598,34 +3623,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3633,14 +3658,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3648,17 +3673,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3668,12 +3693,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3681,17 +3706,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3699,13 +3724,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3714,7 +3739,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3722,26 +3747,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3749,7 +3774,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3757,7 +3782,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3765,41 +3790,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3808,32 +3833,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -3841,24 +3866,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -3866,17 +3891,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -3887,29 +3912,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -3918,17 +3943,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -3936,49 +3961,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3986,27 +4011,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4018,7 +4043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4026,7 +4051,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4034,39 +4059,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4076,7 +4101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4084,26 +4109,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4111,7 +4136,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4119,31 +4144,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4152,56 +4177,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4212,12 +4237,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4226,14 +4251,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4242,24 +4267,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4267,19 +4292,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4288,7 +4313,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4296,7 +4321,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4305,7 +4330,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4313,108 +4338,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4425,7 +4450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4443,213 +4468,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4657,106 +4682,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4765,76 +4790,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4843,46 +4868,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4890,43 +4915,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4934,7 +4959,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4942,7 +4967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4955,20 +4980,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5425,7 +5450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -5440,7 +5465,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5455,12 +5480,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5481,12 +5506,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5528,12 +5553,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5541,12 +5566,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5565,19 +5590,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5680,7 +5705,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6297,7 +6322,7 @@ msgstr "" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -6356,9 +6381,23 @@ msgstr "" msgid "Default: Not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +msgid "ad_enable_gc (boolean)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6368,29 +6407,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6398,7 +6437,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6413,7 +6452,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6422,7 +6461,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6430,7 +6469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/es.po b/src/man/po/es.po index 51f3c1547..e9c2de49f 100644 --- a/src/man/po/es.po +++ b/src/man/po/es.po @@ -3,7 +3,7 @@ # This file is distributed under the same license as the sssd-docs package. # # Translators: -# Adolfo Jayme Barrientos <fitoschido@ubuntu.com>, 2012 +# Fito Jayme <fitoschido@ubuntu.com>, 2012 # Gumbo72 <carlosantolin@hotmail.es>, 2012 # Domingo Becker <domingobecker@gmail.com>, 2013 # Eduardo Villagrán M <gotencool@gmail.com>, 2011 @@ -15,8 +15,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-07-24 12:28+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Spanish (http://www.transifex.com/projects/p/fedora/language/" "es/)\n" @@ -518,8 +518,8 @@ msgstr "" "user@domain.name, para acceder." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -587,10 +587,10 @@ msgstr "Agregar una marca de tiempo a los mensajes de depuración" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Predeterminado: true" @@ -606,8 +606,8 @@ msgstr "Agregar microsegundos a la marca de tiempo en mensajes de depuración" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -628,7 +628,7 @@ msgstr "" "para asegurar que el proceso está vivo y capaz de responder peticiones." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "Predeterminado: 10" @@ -676,7 +676,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "Predeterminado: 60" @@ -1583,7 +1583,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "Predeterminado: none" @@ -2409,8 +2409,8 @@ msgstr "" "espera, el dominio continuará operativo en modo fuera de línea." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Predeterminado: 6" @@ -2459,7 +2459,7 @@ msgstr "" "momento, esta opción no está soportada en el proveedor local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "Predeterminado: True" @@ -2760,8 +2760,8 @@ msgid "Default: None, no command is run" msgstr "Predeterminado: None, no se ejecuta comando" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "EJEMPLO" @@ -3290,7 +3290,7 @@ msgstr "" "El atributo LDAP que contiene el GUID/UUID de un objeto de usuario LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "Predeterminado: nsUniqueId" @@ -3320,7 +3320,7 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -3329,7 +3329,7 @@ msgstr "" "objeto primario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "Predeterminado: modifyTimestamp" @@ -3723,8 +3723,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "El atributo LDAP que corresponde al nombre completo del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "Predeterminado: cn" @@ -3901,11 +3901,40 @@ msgstr "ldap_group_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 +#, fuzzy +#| msgid "ldap_opt_timeout (integer)" +msgid "ldap_group_type (integer)" +msgstr "ldap_opt_timeout (entero)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:855 +#, fuzzy +#| msgid "The LDAP attribute that contains the names of the group's members." +msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "El atributo LDAP que contiene los nombres de los miembros del grupo." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:876 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3917,17 +3946,17 @@ msgstr "" "esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "Predeterminado: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3938,7 +3967,7 @@ msgstr "" "despliegues con grupos complejos o profundamente anidados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." @@ -3948,7 +3977,7 @@ msgstr "" "muy complejos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3959,7 +3988,7 @@ msgstr "" "esencialmente “auto-detect”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3972,18 +4001,18 @@ msgstr "" "documentation</ulink> para más detalles." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "Por defecto: False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3994,68 +4023,68 @@ msgstr "" "notable cuando se trata con grupos complejos o profundamente anidados)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "La clase de objeto de una entrada netgroup en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "En proveedor IPA, ipa_netgroup_object_class, se usaría en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "Predeterminado: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "El atributo LDAP que corresponde al nombre del netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "Un proveedor IPA, ipa_netgroup_name sería usado en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" "El atributo LDAP que contiene los nombres de los miembros de grupo de red." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "Un proveedor IPA, ipa_netgroup_member sería usado en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "Predeterminado: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -4063,59 +4092,59 @@ msgstr "" "de red." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "Esta opción no está disponible en el proveedor IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "Predeterminado: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "ldap_netgroup_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" "El atributo LDAP que contiene el UUID/GUID de un objeto de grupo de red LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "Un proveedor IPA ipa_netgroup_uuid sería usado en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "La clase objeto de una entrada de servicio en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "Por defecto: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "ldap_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -4123,49 +4152,49 @@ msgstr "" "El atributo LDAP que contiene el nombre de servicio de atributos y sus alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "ldap_service_port (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "El atributo LDAP que contiene el puerto manejado por este servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "Por defecto: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" "El atributo LDAP que contiene los protocolos entendidos por este servicio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "Por defecto: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4176,7 +4205,7 @@ msgstr "" "escondidos devueltos (y se entra en modo fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4187,12 +4216,12 @@ msgstr "" "espera para tipos específicos de búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4204,12 +4233,12 @@ msgstr "" "fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -4226,12 +4255,12 @@ msgstr "" "citerefentry> vuelve en caso de no actividad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -4243,12 +4272,12 @@ msgstr "" "enlazador SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -4261,17 +4290,17 @@ msgstr "" "temprano (este valor contra el tiempo de vida TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "Predeterminado: 900 (15 minutos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -4280,17 +4309,17 @@ msgstr "" "Algunos servidores LDAP hacen cumplir un límite máximo por petición." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "Predeterminado: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -4301,7 +4330,7 @@ msgstr "" "RootDSE pero no está habilitado o no se comporta apropiadamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -4311,7 +4340,7 @@ msgstr "" "pero es incapaz de usarlo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -4322,17 +4351,17 @@ msgstr "" "puede ocasionar que algunas peticiones sean denegadas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -4342,12 +4371,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -4358,19 +4387,19 @@ msgstr "" "de esta opción son definidos por OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Por defecto: Usa el sistema por defecto (normalmente especificado por ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -4381,7 +4410,7 @@ msgstr "" "deference. Si hay menos miembros desaparecidos, se buscarán individualmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -4389,7 +4418,7 @@ msgstr "" "a 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -4402,7 +4431,7 @@ msgstr "" "soportados son 389/RHDS, OpenLDAP y Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -4413,12 +4442,12 @@ msgstr "" "será deshabilitado sin tener en cuenta este ajuste." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -4428,7 +4457,7 @@ msgstr "" "los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -4437,7 +4466,7 @@ msgstr "" "certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4448,7 +4477,7 @@ msgstr "" "certificado malo, será ignorado y la sesión continua normalmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4459,7 +4488,7 @@ msgstr "" "certificado malo, la sesión se termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4470,22 +4499,22 @@ msgstr "" "termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "Predeterminado: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -4494,7 +4523,7 @@ msgstr "" "de Certificación que <command>sssd</command> reconocerá." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -4503,12 +4532,12 @@ msgstr "" "etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4522,33 +4551,33 @@ msgstr "" "para crear los nombres correctos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "Especifica el fichero que contiene el certificado para la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "Especifica el archivo que contiene la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4559,12 +4588,12 @@ msgstr "" "conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -4573,12 +4602,12 @@ msgstr "" "<systemitem class=\"protocol\">tls</systemitem> para proteger el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4589,18 +4618,18 @@ msgstr "" "ldap_user_uid_number y ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Actualmente está función soporta sólo mapeos de objectSID de ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4611,17 +4640,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -4630,12 +4659,12 @@ msgstr "" "probado y soportado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4648,17 +4677,17 @@ msgstr "" "myhost@EXAMPLE.COM) o sólo en nombre principal (por ejemplo host/myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "Por defecto: host/nombre_de_host@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4669,17 +4698,17 @@ msgstr "" "reino también, esta opción se ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "Por defecto: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -4688,34 +4717,34 @@ msgstr "" "para para canocalizar el nombre de host durante una unión SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "Predeterminado: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Especifica la keytab a usar cuando se utilice SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Por defecto: Keytab del sistema, normalmente <filename>/etc/krb5.keytab</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4726,27 +4755,27 @@ msgstr "" "es GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Especifica el tiempo de vida en segundos del TGT si se usa GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "Predeterminado: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4765,7 +4794,7 @@ msgstr "" "información, vea la sección <quote>SERVICE DISCOVERY</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4776,7 +4805,7 @@ msgstr "" "regresa a _tcp si no se encuentra nada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4788,29 +4817,29 @@ msgstr "" "configuración para usar <quote>krb5_server</quote> en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Especifica el REALM Kerberos (para autorización SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -4819,12 +4848,12 @@ msgstr "" "servidor LDAP. Esta función está disponible con MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4834,7 +4863,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4842,12 +4871,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4856,7 +4885,7 @@ msgstr "" "del cliente. Los siguientes valores son permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -4865,7 +4894,7 @@ msgstr "" "no puede deshabilitar las políticas de password en el lado servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4876,7 +4905,7 @@ msgstr "" "manvolnum></citerefentry> para evaluar si la contraseña ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4888,26 +4917,26 @@ msgstr "" "password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguimiento de referencias automático debería ser " "habilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -4916,7 +4945,7 @@ msgstr "" "está compilado con OpenLDAP versión 2.4.13 o más alta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4929,29 +4958,29 @@ msgstr "" "esta opción a false le llevará a una notable mejora de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nombre del servicio para utilizar cuando está habilitado el " "servicio de descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "Predeterminado: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -4961,17 +4990,17 @@ msgstr "" "descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Por defecto: no fijado, esto es servicio descubridor deshabilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -4980,12 +5009,12 @@ msgstr "" "desde el Epoch después de una operación de cambio de contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5003,12 +5032,12 @@ msgstr "" "defecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "Ejemplo:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5020,7 +5049,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." @@ -5029,7 +5058,7 @@ msgstr "" "del grupo “allowedusers” en ldap." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5042,17 +5071,17 @@ msgstr "" "obteniendo acceso mientras esté fuera de línea y viceversa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "Predeterminado: vacío" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -5061,7 +5090,7 @@ msgstr "" "control de acceso del lado cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5072,12 +5101,12 @@ msgstr "" "una código de error definible aunque el password sea correcto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "Los siguientes valores están permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -5086,7 +5115,7 @@ msgstr "" "determinar si la cuenta ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5099,7 +5128,7 @@ msgstr "" "se comprueba el tiempo de expiración de la cuenta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5110,7 +5139,7 @@ msgstr "" "el acceso o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5123,7 +5152,7 @@ msgstr "" "permitido. Si ambos atributos están desaparecidos se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5131,29 +5160,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Lista separada por coma de opciones de control de acceso. Los valores " "permitidos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -5162,18 +5191,18 @@ msgstr "" "autorizedService para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: usa el atributo host para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "Predeterminado: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -5182,12 +5211,12 @@ msgstr "" "una vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -5196,13 +5225,13 @@ msgstr "" "lleva a cabo una búsqueda. Están permitidas las siguientes opciones:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: Nunca serán eliminadas las referencias al alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -5212,7 +5241,7 @@ msgstr "" "búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -5221,7 +5250,7 @@ msgstr "" "cuando se localice el objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -5230,7 +5259,7 @@ msgstr "" "para la búsqueda como en la localización del objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -5239,12 +5268,12 @@ msgstr "" "librerías cliente LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -5253,7 +5282,7 @@ msgstr "" "servidores que usan el esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5271,7 +5300,7 @@ msgstr "" "llamadas getpw*() o initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -5297,57 +5326,57 @@ msgstr "" "completos. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "OPCIONES SUDO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "El objeto clase de una regla de entrada sudo en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "Por defecto: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "El atributo LDAP que corresponde a la regla nombre de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "El atributo LDAP que corresponde al nombre de comando." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "Por defecto: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -5356,17 +5385,17 @@ msgstr "" "red IP del host o grupo de red del host)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "Por defecto: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -5375,32 +5404,32 @@ msgstr "" "grupo o grupo de red del usuario)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "Por defecto: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "El atributo LDAP que corresponde a las opciones sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "Por defecto: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -5409,17 +5438,17 @@ msgstr "" "pueden ejecutar como." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "Por defectot: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -5428,17 +5457,17 @@ msgstr "" "ejecutar comandos como." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "Por defecto: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -5447,17 +5476,17 @@ msgstr "" "regla sudo es válida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "Por defecto: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -5466,32 +5495,32 @@ msgstr "" "la regla sudo dejará de ser válida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "Por defecto: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "El atributo LDAP que corresponde al índice de ordenación de la regla." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "Por defecto: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -5501,7 +5530,7 @@ msgstr "" "servidor)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -5510,17 +5539,17 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "Por defecto: 21600 (6 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5531,7 +5560,7 @@ msgstr "" "USBN más alto que el USN más alto de las reglas escondidas)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -5540,12 +5569,12 @@ msgstr "" "atributo modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -5554,12 +5583,12 @@ msgstr "" "máquina (usando las direcciones de host/red y nombres de host IPv4 o IPv6)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -5568,7 +5597,7 @@ msgstr "" "totalmente cualificados que sería usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -5577,8 +5606,8 @@ msgstr "" "nombre de dominio totalmente cualificado automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -5587,17 +5616,17 @@ msgstr "" "emphasis> esta opción no tiene efecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "Por defecto: no especificado" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -5606,7 +5635,7 @@ msgstr "" "usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -5615,12 +5644,12 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "sudo_include_netgroups (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -5629,12 +5658,12 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -5643,12 +5672,12 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5661,12 +5690,12 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "OPCIONES AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." @@ -5675,47 +5704,47 @@ msgstr "" "defecto del RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "El objeto clase de una entrada de mapa de automontaje en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "Por defecto: automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "El nombre de una entrada de mapa de automontaje en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "Por defecto: ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -5724,17 +5753,17 @@ msgstr "" "normalmente a un punto de montaje." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "Por defecto: automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5747,32 +5776,32 @@ msgstr "" "\"variablelist\" id=\"4\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "OPCIONES AVANZADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "ldap_user_search_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." @@ -5781,7 +5810,7 @@ msgstr "" "restringe las búsquedas del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." @@ -5790,7 +5819,7 @@ msgstr "" "utilizada por ldap_user_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -5800,7 +5829,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." @@ -5809,12 +5838,12 @@ msgstr "" "su shell fijado en /bin/tcsh." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "ldap_group_search_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." @@ -5823,7 +5852,7 @@ msgstr "" "restringe las búsquedas de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." @@ -5832,17 +5861,17 @@ msgstr "" "utilizada por ldap_user_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5854,7 +5883,7 @@ msgstr "" ">" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5865,7 +5894,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5885,20 +5914,20 @@ msgstr "" " cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6490,7 +6519,7 @@ msgstr "" "host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -6505,7 +6534,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -6523,12 +6552,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -6549,12 +6578,12 @@ msgid "Default: 1200 (seconds)" msgstr "Por defecto: 1200 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -6596,12 +6625,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -6609,12 +6638,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -6633,19 +6662,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -6761,7 +6790,7 @@ msgstr "" "Verifica con la ayuda de krb5_keytab que el TGT obtenido no ha sido burlado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -7469,7 +7498,7 @@ msgstr "ldap_sudo_use_host_filter (booleano)" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -7530,9 +7559,25 @@ msgstr "" msgid "Default: Not set" msgstr "Predeterminado: no definido" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +#, fuzzy +#| msgid "ldap_disable_paging (boolean)" +msgid "ad_enable_gc (boolean)" +msgstr "ldap_disable_paging (booleano)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -7542,29 +7587,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -7575,7 +7620,7 @@ msgstr "" "Este ejemplo muestra sólo las opciones específicas del proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -7599,7 +7644,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7611,7 +7656,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -7622,7 +7667,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/eu.po b/src/man/po/eu.po index 2cf079e84..902f5ebc5 100644 --- a/src/man/po/eu.po +++ b/src/man/po/eu.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 1.8.95\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" "PO-Revision-Date: 2012-07-18 21:31+0300\n" "Last-Translator: Automatically generated\n" "Language-Team: none\n" @@ -430,8 +430,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -489,10 +489,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -508,8 +508,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -528,7 +528,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "" @@ -567,7 +567,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "" @@ -1328,7 +1328,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "" @@ -2008,8 +2008,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" @@ -2053,7 +2053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "" @@ -2311,8 +2311,8 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "" @@ -2748,7 +2748,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "" @@ -2775,14 +2775,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "" @@ -3119,8 +3119,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "" @@ -3285,29 +3285,54 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 -msgid "ldap_group_nesting_level (integer)" +msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:855 msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:876 +msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " "follow. This option has no effect on the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3315,14 +3340,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3330,7 +3355,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3339,18 +3364,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3358,172 +3383,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3531,7 +3556,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3539,12 +3564,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3552,12 +3577,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3568,12 +3593,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3581,12 +3606,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3595,34 +3620,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3630,14 +3655,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3645,17 +3670,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3665,12 +3690,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3678,17 +3703,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3696,13 +3721,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3711,7 +3736,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3719,26 +3744,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3746,7 +3771,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3754,7 +3779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3762,41 +3787,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3805,32 +3830,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -3838,24 +3863,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -3863,17 +3888,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -3884,29 +3909,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -3915,17 +3940,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -3933,49 +3958,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3983,27 +4008,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4015,7 +4040,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4023,7 +4048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4031,39 +4056,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4073,7 +4098,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4081,26 +4106,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4108,7 +4133,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4116,31 +4141,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4149,56 +4174,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4209,12 +4234,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4223,14 +4248,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4239,24 +4264,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4264,19 +4289,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4285,7 +4310,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4293,7 +4318,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4302,7 +4327,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4310,108 +4335,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4422,7 +4447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4440,213 +4465,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4654,106 +4679,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4762,76 +4787,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4840,46 +4865,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4887,43 +4912,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4931,7 +4956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4939,7 +4964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4952,20 +4977,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5400,7 +5425,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -5415,7 +5440,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5430,12 +5455,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5456,12 +5481,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5503,12 +5528,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5516,12 +5541,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5540,19 +5565,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5655,7 +5680,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6272,7 +6297,7 @@ msgstr "" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -6331,9 +6356,23 @@ msgstr "" msgid "Default: Not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +msgid "ad_enable_gc (boolean)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6343,29 +6382,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6373,7 +6412,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6388,7 +6427,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6397,7 +6436,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6405,7 +6444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/fr.po b/src/man/po/fr.po index 5a025db8b..302456da0 100644 --- a/src/man/po/fr.po +++ b/src/man/po/fr.po @@ -10,8 +10,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-07-29 13:10+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: Jérôme Fenal <jfenal@gmail.com>\n" "Language-Team: French (http://www.transifex.com/projects/p/fedora/language/" "fr/)\n" @@ -531,8 +531,8 @@ msgstr "" "user@domain.name, pour se connecter." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -600,10 +600,10 @@ msgstr "Ajoute un horodatage aux messages de débogage" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Par défaut : true" @@ -619,8 +619,8 @@ msgstr "Ajouter les microsecondes à l'horodatage dans les messages de débogage #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -641,7 +641,7 @@ msgstr "" "s'assurer que le processus est toujours actif et capable de répondre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "Par défaut : 10" @@ -689,7 +689,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "Par défaut : 60" @@ -1629,7 +1629,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "Par défaut : aucun" @@ -2479,8 +2479,8 @@ msgstr "" "domaine continuera à opérer en mode déconnecté." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Par défaut : 6" @@ -2530,7 +2530,7 @@ msgstr "" "Actuellement, cette option n'est pas supportée dans le fournisseur local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "Par défaut : True" @@ -2838,8 +2838,8 @@ msgid "Default: None, no command is run" msgstr "Par défaut : None, aucune commande lancée" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "EXEMPLE" @@ -3373,7 +3373,7 @@ msgstr "" "L'attribut LDAP qui contient les UUID/GUID d'un objet LDAP utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "Par défaut : nsUniqueId" @@ -3404,7 +3404,7 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -3413,7 +3413,7 @@ msgstr "" "l'objet parent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "Par défaut : modifyTimestamp" @@ -3807,8 +3807,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "L'attribut LDAP correspondant au nom complet de l'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "Par défaut : cn" @@ -3992,11 +3992,40 @@ msgstr "ldap_group_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 +#, fuzzy +#| msgid "ldap_opt_timeout (integer)" +msgid "ldap_group_type (integer)" +msgstr "ldap_opt_timeout (entier)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:855 +#, fuzzy +#| msgid "The LDAP attribute that contains the names of the group's members." +msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "L'attribut LDAP contenant les noms des membres du groupe." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:876 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -4008,17 +4037,17 @@ msgstr "" "schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "Par défaut : 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -4030,7 +4059,7 @@ msgstr "" "complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." @@ -4040,7 +4069,7 @@ msgstr "" "imbrications très complexes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4051,7 +4080,7 @@ msgstr "" "essentiellement « auto-detect »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4064,18 +4093,18 @@ msgstr "" "documentation de MSDN(TM)</ulink> pour plus de détails." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "Par défaut : False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4087,71 +4116,71 @@ msgstr "" "complexes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "La classe d'objet d'une entrée de netgroup dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "Pour un fournisseur IPA, ipa_netgroup_object_class doit être utilisé à la " "place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "Par défaut : nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "L'attribut LDAP correspondant au nom du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_name doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "L'attribut LDAP contenant les noms des membres du netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_member doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "Par défaut : memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -4159,59 +4188,59 @@ msgstr "" "netgroup." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "Cette option n'est pas disponible dans le fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "Par défaut : nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "ldap_netgroup_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "L'attribut LDAP contenant les UUID/GUID d'un objet netgroup LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" "Dans le fournisseur IPA, ipa_netgroup_uuid doit être utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "La classe d'objet d'une entrée de service LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "Par défaut : ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "ldap_service_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -4220,48 +4249,48 @@ msgstr "" "alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "ldap_service_port (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "L'attribut LDAP qui contient le port géré par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "Par défaut : ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "L'attribut LDAP qui contient les protocoles compris par ce service." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "Par défaut : ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4272,7 +4301,7 @@ msgstr "" "activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4283,12 +4312,12 @@ msgstr "" "différents types de recherches." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4299,12 +4328,12 @@ msgstr "" "résultats mis en cache (et activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -4321,12 +4350,12 @@ msgstr "" "citerefentry> rendent la main en cas d'inactivité." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -4337,12 +4366,12 @@ msgstr "" "contrôler le délai de communication avec le KDC dans le cas d'un appel SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -4355,17 +4384,17 @@ msgstr "" "courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -4374,17 +4403,17 @@ msgstr "" "Certains serveurs LDAP imposent une limite maximale par requête." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "Par défaut : 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -4396,7 +4425,7 @@ msgstr "" "correctement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -4406,7 +4435,7 @@ msgstr "" "sera impossible de l'utiliser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -4417,17 +4446,17 @@ msgstr "" "cela peut entraîner l'échec de certaines demandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "Désactiver la récupération de plage Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -4443,12 +4472,12 @@ msgstr "" "apparaissant ainsi sans aucun membre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -4459,19 +4488,19 @@ msgstr "" "de cette option sont définies par OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Par défaut : Utiliser la valeur par défaut du système (généralement spécifié " "par ldap.conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -4482,7 +4511,7 @@ msgstr "" "membres manquants est inférieur, ils sont recherchés individuellement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -4490,7 +4519,7 @@ msgstr "" "affectant la valeur 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -4503,7 +4532,7 @@ msgstr "" "acceptés sont 389/RHDS, OpenLDAP et Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -4514,12 +4543,12 @@ msgstr "" "déréférencement est désactivée indépendamment de ce paramètre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -4528,7 +4557,7 @@ msgstr "" "session TLS, si elle existe. Une des valeurs suivantes est utilisable :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -4537,7 +4566,7 @@ msgstr "" "quelconque certificat du serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4548,7 +4577,7 @@ msgstr "" "certificat est fourni, il est ignoré et la session continue normalement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4559,7 +4588,7 @@ msgstr "" "certificat est fourni, la session se termine immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4570,22 +4599,22 @@ msgstr "" "immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> : identique à <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "Par défaut : hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -4594,7 +4623,7 @@ msgstr "" "certification que <command>sssd</command> reconnaîtra." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -4603,12 +4632,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4622,32 +4651,32 @@ msgstr "" "corrects." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Définit le fichier qui contient le certificat pour la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "Définit le fichier qui contient la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4659,12 +4688,12 @@ msgstr "" "manvolnum></citerefentry> pour le format." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -4674,12 +4703,12 @@ msgstr "" "canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4691,19 +4720,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Cette fonctionnalité ne prend actuellement en charge que la correspondance " "par objectSID avec Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "ldap_min_id, ldap_max_id (entiers)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4723,17 +4752,17 @@ msgstr "" "identifiants." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "Par défaut : non indiqué (les deux options sont à 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -4742,12 +4771,12 @@ msgstr "" "pris en charge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4761,17 +4790,17 @@ msgstr "" "exemple host/myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "Par défaut : host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4782,17 +4811,17 @@ msgstr "" "domaine, cette option est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "Par défaut : la valeur de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -4801,34 +4830,34 @@ msgstr "" "le nom de l'hôte au cours d'une liaison SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "Défaut : false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Définit le fichier keytab à utiliser pour utiliser SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4839,27 +4868,27 @@ msgstr "" "SASL est utilisé et que le mécanisme choisi est GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Définit la durée de vie, en secondes, des TGT si GSSAPI est utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "Par défaut : 86400 (24 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4879,7 +4908,7 @@ msgstr "" "SERVICES</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4890,7 +4919,7 @@ msgstr "" "comme protocole, et passe sur _tcp si aucune entrée n'est trouvée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4902,29 +4931,29 @@ msgstr "" "l'utilisation de <quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Définit le DOMAINE de Kerberos (pour l'authentification SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Par défaut : valeur par défaut du système, voir <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -4934,12 +4963,12 @@ msgstr "" "Kerberos > = 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4954,7 +4983,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4966,12 +4995,12 @@ msgstr "" "localisation." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4980,7 +5009,7 @@ msgstr "" "valeurs suivantes sont acceptées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -4989,7 +5018,7 @@ msgstr "" "peut pas désactiver la politique sur les mots de passe du côté serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -5000,7 +5029,7 @@ msgstr "" "manvolnum></citerefentry> pour évaluer si le mot de passe a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -5012,24 +5041,24 @@ msgstr "" "est changé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Définit si le déréférencement automatique doit être activé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -5038,7 +5067,7 @@ msgstr "" "compilé avec OpenLDAP version 2.4.13 ou supérieur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5052,29 +5081,29 @@ msgstr "" "permettre d'améliorer de façon notable les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser quand la découverte de services est " "activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "Par défaut : ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -5083,19 +5112,19 @@ msgstr "" "un changement de mot de passe quand la découverte de services est activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Par défaut : non défini, c'est-à-dire que le service de découverte est " "désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -5105,12 +5134,12 @@ msgstr "" "de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5128,12 +5157,12 @@ msgstr "" "permit de changer ce comportement par défaut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "Exemple:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5145,7 +5174,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." @@ -5154,7 +5183,7 @@ msgstr "" "allowedusers »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5166,17 +5195,17 @@ msgstr "" "Si tel était le cas, l'accès sera conservé en mode hors-ligne et vice-versa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "Par défaut : vide" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -5185,7 +5214,7 @@ msgstr "" "être activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5197,12 +5226,12 @@ msgstr "" "correct." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "Les valeurs suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -5211,7 +5240,7 @@ msgstr "" "pour déterminer si le compte a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5224,7 +5253,7 @@ msgstr "" "d'expiration du compte est aussi vérifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5235,7 +5264,7 @@ msgstr "" "l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5248,7 +5277,7 @@ msgstr "" "est autorisé. Si les deux attributs sont manquants, l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5259,29 +5288,29 @@ msgstr "" "ldap_account_expire_policy de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "ldap_access_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Liste séparées par des virgules des options de contrôles d'accès. Les " "valeurs autorisées sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis> : utiliser ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -5290,18 +5319,18 @@ msgstr "" "authorizedService pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -5310,12 +5339,12 @@ msgstr "" "de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "ldap_deref (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -5324,12 +5353,12 @@ msgstr "" "recherche. Les options suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -5339,7 +5368,7 @@ msgstr "" "recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -5348,7 +5377,7 @@ msgstr "" "la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -5357,7 +5386,7 @@ msgstr "" "recherche et et la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -5366,12 +5395,12 @@ msgstr "" "bibliothèques clientes LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -5380,7 +5409,7 @@ msgstr "" "LDAP pour les serveurs qui utilisent le schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5398,7 +5427,7 @@ msgstr "" "initgoups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -5424,57 +5453,57 @@ msgstr "" "détails. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "OPTIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "La classe d'objet d'une entrée de règle de sudo dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "Par défaut : sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "L'attribut LDAP qui correspond au nom de la règle de sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "L'attribut LDAP qui correspond au nom de la commande." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "Par défaut : sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -5483,17 +5512,17 @@ msgstr "" "réseau IP de l'hôte ou netgroup de l'hôte)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "Par défaut : sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -5502,32 +5531,32 @@ msgstr "" "groupe ou netgroup de l'utilisateur)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "Par défaut : sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "L'attribut LDAP qui correspond aux options sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "Par défaut : sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -5536,17 +5565,17 @@ msgstr "" "nom d'utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "Par défaut : sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -5555,17 +5584,17 @@ msgstr "" "les commandes seront être exécutées." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "Par défaut : sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -5574,17 +5603,17 @@ msgstr "" "règle sudo est valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "Par défaut : sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -5593,32 +5622,32 @@ msgstr "" "règle sudo ne sera plus valide." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "Par défaut : sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "L'attribut LDAP qui correspond à l'index de tri de la règle." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "Par défaut : sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -5628,7 +5657,7 @@ msgstr "" "règles qui sont stockées sur le serveur)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -5637,17 +5666,17 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "Par défaut : 21600 (6 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5659,7 +5688,7 @@ msgstr "" "cache)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -5668,12 +5697,12 @@ msgstr "" "modifyTimestamp est utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -5683,12 +5712,12 @@ msgstr "" "noms de systèmes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -5697,7 +5726,7 @@ msgstr "" "doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -5706,8 +5735,8 @@ msgstr "" "nom de système et le nom de domaine pleinement qualifié." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -5716,17 +5745,17 @@ msgstr "" "emphasis>, alors cette option n'a aucun effet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "Par défaut : non spécifié" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -5735,7 +5764,7 @@ msgstr "" "IPv6 qui doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -5744,12 +5773,12 @@ msgstr "" "automatiquement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -5758,12 +5787,12 @@ msgstr "" "netgroup dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -5772,12 +5801,12 @@ msgstr "" "un joker dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5790,12 +5819,12 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "OPTIONS AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." @@ -5804,48 +5833,48 @@ msgstr "" "qui est RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" "La classe d'objet d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "Par défaut : automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "Le nom d'une entrée de table de montage automatique dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "Par défaut : ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -5854,17 +5883,17 @@ msgstr "" "généralement à un point de montage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "Par défaut : automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5877,32 +5906,32 @@ msgstr "" "\"variablelist\" id=\"4\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "OPTIONS AVANCÉES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "ldap_user_search_filter (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." @@ -5911,7 +5940,7 @@ msgstr "" "restreint les recherches utilisateur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." @@ -5920,7 +5949,7 @@ msgstr "" "utilisée par ldap_user_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -5930,7 +5959,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." @@ -5939,12 +5968,12 @@ msgstr "" "interpréteur de commande défini en /bin/tcsh." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "ldap_group_search_filter (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." @@ -5953,7 +5982,7 @@ msgstr "" "restreint les recherches de groupe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." @@ -5962,17 +5991,17 @@ msgstr "" "utilisée par ldap_group_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5984,7 +6013,7 @@ msgstr "" "\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5995,7 +6024,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -6015,20 +6044,20 @@ msgstr "" " cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6626,7 +6655,7 @@ msgstr "" "identifier l'hôte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booléen)" @@ -6646,7 +6675,7 @@ msgstr "" "l'utilisation de l'option <quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -6668,12 +6697,12 @@ msgstr "" "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -6700,12 +6729,12 @@ msgid "Default: 1200 (seconds)" msgstr "Par défaut : 1200 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "dyndns_iface (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -6762,12 +6791,12 @@ msgstr "" "seront utilisés comme serveurs de repli" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -6779,12 +6808,12 @@ msgstr "" "configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -6809,12 +6838,12 @@ msgid "Default: False (disabled)" msgstr "Par défaut : False (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -6823,7 +6852,7 @@ msgstr "" "communication avec le serveur DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Par défaut : False (laisser nsupdate choisir le protocole)" @@ -6941,7 +6970,7 @@ msgid "" msgstr "Vérifie avec l'aide de krb5_keytab que le TGT obtenu n'est pas usurpé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -7697,7 +7726,7 @@ msgstr "ad_enable_dns_sites (booléen)" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -7758,9 +7787,25 @@ msgstr "" msgid "Default: Not set" msgstr "Par défaut : non défini" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +#, fuzzy +#| msgid "ad_enable_dns_sites (boolean)" +msgid "ad_enable_gc (boolean)" +msgstr "ad_enable_dns_sites (booléen)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -7777,22 +7822,22 @@ msgstr "" "<quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "Par défaut : 3600 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "Par défaut : utilise l'adresse IP de la connexion LDAP AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." @@ -7802,7 +7847,7 @@ msgstr "" "principals d'entreprise." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -7813,7 +7858,7 @@ msgstr "" "exemples montrent seulement les options spécifiques au fournisseur AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -7837,7 +7882,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7849,7 +7894,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -7860,7 +7905,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/ja.po b/src/man/po/ja.po index 7715586a6..f42e23e53 100644 --- a/src/man/po/ja.po +++ b/src/man/po/ja.po @@ -10,8 +10,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-09-10 08:30+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: Tomoyuki KATO <tomo@dream.daynight.jp>\n" "Language-Team: Japanese (http://www.transifex.com/projects/p/fedora/language/" "ja/)\n" @@ -497,8 +497,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -564,10 +564,10 @@ msgstr "デバッグメッセージに日時を追加します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "初期値: true" @@ -583,8 +583,8 @@ msgstr "デバッグメッセージの日時にマイクロ秒を追加します #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -603,7 +603,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "初期値: 10" @@ -645,7 +645,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "初期値: 60" @@ -1491,7 +1491,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "初期値: none" @@ -2270,8 +2270,8 @@ msgstr "" "ドにて操作を継続します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "初期値: 6" @@ -2319,7 +2319,7 @@ msgstr "" "このオプションはローカルプロバイダーにおいてサポートされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "初期値: True" @@ -2610,8 +2610,8 @@ msgid "Default: None, no command is run" msgstr "初期値: なし、コマンドを実行しません" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "例" @@ -3099,7 +3099,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "LDAP ユーザーオブジェクトの UUID/GUID を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "初期値: nsUniqueId" @@ -3130,14 +3130,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "親オブジェクトの最終変更のタイムスタンプを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "初期値: modifyTimestamp" @@ -3521,8 +3521,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "ユーザーの完全名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "初期値: cn" @@ -3699,11 +3699,40 @@ msgstr "ldap_group_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 +#, fuzzy +#| msgid "ldap_opt_timeout (integer)" +msgid "ldap_group_type (integer)" +msgstr "ldap_opt_timeout (整数)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:855 +#, fuzzy +#| msgid "The LDAP attribute that contains the names of the group's members." +msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "グループのメンバーの名前を含む LDAP の属性です。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:876 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3714,17 +3743,17 @@ msgstr "" "のオプションは RFC2307 スキーマにおいて効果がありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "初期値: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3732,14 +3761,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3747,7 +3776,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3756,18 +3785,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "初期値: 偽" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3775,69 +3804,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "LDAP にあるネットワークグループエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" "IPA プロバイダーにおいては ipa_netgroup_object_class が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "初期値: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "ネットワークグループ名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "IPA プロバイダーにおいては ipa_netgroup_name が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "ネットワークグループのメンバーの名前を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" "IPA プロバイダーにおいては ipa_netgroup_member が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "初期値: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" @@ -3845,107 +3874,107 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "このオプションは IPA プロバイダーにおいて利用可能ではありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "初期値: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "ldap_netgroup_uuid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" "LDAP ネットワークグループオブジェクトの UUID/GUID を含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "IPA プロバイダーにおいては ipa_netgroup_uuid が代わりに使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "LDAP にあるサービスエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "初期値: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "ldap_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "サービス属性の名前とそのエイリアスを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "ldap_service_port (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "このサービスにより管理されるポートを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "初期値: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "このサービスにより認識されるプロトコルを含む LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "初期値: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3953,7 +3982,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3964,12 +3993,12 @@ msgstr "" "かもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3977,12 +4006,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3998,12 +4027,12 @@ msgstr "" "citerefentry> が未使用を返した後のタイムアウト(秒単位)を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -4013,12 +4042,12 @@ msgstr "" "を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -4027,17 +4056,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "初期値: 900 (15 分)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -4046,17 +4075,17 @@ msgstr "" "バーは 1 要求あたりの最大数の制限を強制します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "初期値: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -4067,7 +4096,7 @@ msgstr "" "ことを報告する場合に、このオプションが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -4077,7 +4106,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -4088,17 +4117,17 @@ msgstr "" "があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "Active Directory の範囲の取得を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -4108,12 +4137,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -4121,17 +4150,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -4139,13 +4168,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -4154,7 +4183,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -4162,12 +4191,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -4176,7 +4205,7 @@ msgstr "" "クするものを指定します。以下の値のうち 1 つを指定できます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -4185,7 +4214,7 @@ msgstr "" "確認しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4196,7 +4225,7 @@ msgstr "" "無視され、セッションが通常通り進められます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4207,7 +4236,7 @@ msgstr "" "ンが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4217,22 +4246,22 @@ msgstr "" "なければ、もしくは不正な証明書が提供されれば、セッションが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = <quote>demand</quote> と同じです" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "初期値: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -4242,7 +4271,7 @@ msgstr "" "書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -4251,12 +4280,12 @@ msgstr "" "filename> にあります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4269,32 +4298,32 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "クライアントのキーに対する証明書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "クライアントのキーを含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4305,12 +4334,12 @@ msgstr "" "<manvolnum>5</manvolnum></citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -4319,12 +4348,12 @@ msgstr "" "用する必要がある id_provider 接続を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4332,18 +4361,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "この機能は現在 ActiveDirectory objectSID マッピングのみサポートします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "ldap_min_id, ldap_max_id (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4354,17 +4383,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -4373,12 +4402,12 @@ msgstr "" "れます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4387,17 +4416,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "初期値: host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4405,17 +4434,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "初期値: krb5_realm の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -4424,33 +4453,33 @@ msgstr "" "するために逆引きを実行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "初期値: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "SASL/GSSAPI を使用するときに使用するキーテーブルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4461,27 +4490,27 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "GSSAPI が使用されている場合、TGT の有効期間を秒単位で指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "初期値: 86400 (24 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4493,7 +4522,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4504,7 +4533,7 @@ msgstr "" "ば _tcp にフォールバックします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4515,27 +4544,27 @@ msgstr "" "quote> を使用するよう設定ファイルを移行することが推奨されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "(SASL/GSSAPI 認証向け) Kerberos レルムを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -4544,12 +4573,12 @@ msgstr "" "します。この機能は MIT Kerberos >= 1.7 で利用可能です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4559,7 +4588,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4570,12 +4599,12 @@ msgstr "" "manvolnum> </citerefentry> マニュアルページを参照ください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4584,7 +4613,7 @@ msgstr "" "す。以下の値が許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -4593,7 +4622,7 @@ msgstr "" "ンはサーバー側のパスワードポリシーを無効にできません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4604,7 +4633,7 @@ msgstr "" "manvolnum></citerefentry> 形式の属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4615,24 +4644,24 @@ msgstr "" "とき、これらの属性を更新するために chpass_provider=krb5 を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "自動参照追跡が有効化されるかを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -4641,7 +4670,7 @@ msgstr "" "sssd のみが参照追跡をサポートすることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4650,28 +4679,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "サービス検索が有効にされているときに使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "初期値: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -4680,29 +4709,29 @@ msgstr "" "を検索するために使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "初期値: 設定されていません、つまりサービス検索が無効にされています" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4713,12 +4742,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "例:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4730,7 +4759,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." @@ -4739,7 +4768,7 @@ msgstr "" "ンバーに制限されることを意味します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4752,17 +4781,17 @@ msgstr "" "た同様です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "初期値: 空白" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -4771,7 +4800,7 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4782,12 +4811,12 @@ msgstr "" "否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "以下の値が許可されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -4796,7 +4825,7 @@ msgstr "" "ldap_user_shadow_expire の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4805,7 +4834,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4816,7 +4845,7 @@ msgstr "" "ldap_ns_account_lock の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4829,7 +4858,7 @@ msgstr "" "クセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4837,28 +4866,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "ldap_access_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -4867,30 +4896,30 @@ msgstr "" "authorizedService 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "初期値: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "値が複数使用されていると設定エラーになることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "ldap_deref (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -4899,12 +4928,12 @@ msgstr "" "ションが許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -4913,7 +4942,7 @@ msgstr "" "決されますが、検索のベースオブジェクトの位置を探すときはされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -4922,7 +4951,7 @@ msgstr "" "すときのみ参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -4931,7 +4960,7 @@ msgstr "" "きも位置を検索するときも参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -4940,19 +4969,19 @@ msgstr "" "して取り扱われます)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4963,7 +4992,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4986,57 +5015,57 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "SUDO オプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "LDAP にある sudo ルールエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "初期値: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "sudo ルール名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "コマンド名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "初期値: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -5045,17 +5074,17 @@ msgstr "" "クグループ)に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "初期値: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -5064,49 +5093,49 @@ msgstr "" "る LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "初期値: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "sudo オプションに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "初期値: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "コマンドを実行するユーザー名に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "初期値: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -5114,34 +5143,34 @@ msgstr "" "コマンドを実行するグループ名またはグループの GID に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "初期値: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "sudo ルールが有効になる開始日時に対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "初期値: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." @@ -5150,39 +5179,39 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "初期値: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "ルールの並び替えインデックスに対応する LDAP 属性です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "初期値: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -5191,17 +5220,17 @@ msgstr "" "ります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "初期値: 21600 (6 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5209,31 +5238,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -5242,15 +5271,15 @@ msgstr "" "区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -5259,17 +5288,17 @@ msgstr "" "ならば、このオプションは効果を持ちません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "初期値: 指定なし" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -5278,7 +5307,7 @@ msgstr "" "アドレスの空白区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -5286,36 +5315,36 @@ msgstr "" "このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5327,59 +5356,59 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "AUTOFS オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "初期値は RFC2307 の標準スキーマに対応することに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "LDAP にある automount マップエントリーのオブジェクトクラスです。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "初期値: automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "LDAP における automount のマップエントリーの名前です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "初期値: ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -5388,17 +5417,17 @@ msgstr "" "ントと対応します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "初期値: automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5411,32 +5440,32 @@ msgstr "" "\"variablelist\" id=\"4\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "高度なオプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "ldap_user_search_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." @@ -5445,7 +5474,7 @@ msgstr "" "定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." @@ -5454,7 +5483,7 @@ msgstr "" "<emphasis>廃止されます</emphasis>。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -5464,7 +5493,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." @@ -5473,12 +5502,12 @@ msgstr "" "制限されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "ldap_group_search_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." @@ -5487,7 +5516,7 @@ msgstr "" "定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." @@ -5496,17 +5525,17 @@ msgstr "" "<emphasis>廃止されます</emphasis>。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5517,7 +5546,7 @@ msgstr "" "さい。 <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5528,7 +5557,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5548,20 +5577,20 @@ msgstr "" " cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "注記" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6098,7 +6127,7 @@ msgstr "" "使用される完全修飾名を反映しないマシンにおいて設定されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "dyndns_update (論理値)" @@ -6113,7 +6142,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -6131,12 +6160,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -6157,12 +6186,12 @@ msgid "Default: 1200 (seconds)" msgstr "初期値: 1200 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "dyndns_iface (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -6204,12 +6233,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -6217,12 +6246,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -6241,12 +6270,12 @@ msgid "Default: False (disabled)" msgstr "初期値: False (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -6255,7 +6284,7 @@ msgstr "" "どうか。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -6372,7 +6401,7 @@ msgstr "" "取得された TGT が改ざんされていないかを krb5_keytab の支援で確認します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -7050,7 +7079,7 @@ msgstr "ad_enable_dns_sites (論理値)" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -7111,9 +7140,25 @@ msgstr "" msgid "Default: Not set" msgstr "初期値: 設定されません" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +#, fuzzy +#| msgid "ad_enable_dns_sites (boolean)" +msgid "ad_enable_gc (boolean)" +msgstr "ad_enable_dns_sites (論理値)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -7123,22 +7168,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "初期値: 3600 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "初期値: AD の LDAP 接続の IP アドレスを使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." @@ -7148,7 +7193,7 @@ msgstr "" "してください。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -7159,7 +7204,7 @@ msgstr "" "AD プロバイダー固有のオプションのみ示してします。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -7183,7 +7228,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7195,7 +7240,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -7203,7 +7248,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/lv.po b/src/man/po/lv.po index bfc3b2590..66c48932e 100644 --- a/src/man/po/lv.po +++ b/src/man/po/lv.po @@ -8,8 +8,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-07-24 12:28+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Latvian (http://www.transifex.com/projects/p/fedora/language/" "lv/)\n" @@ -434,8 +434,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -493,10 +493,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -512,8 +512,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -532,7 +532,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "Noklusējuma: 10" @@ -571,7 +571,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "Noklusējuma: 60" @@ -1332,7 +1332,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "" @@ -2012,8 +2012,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Noklusējuma: 6" @@ -2057,7 +2057,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "" @@ -2315,8 +2315,8 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "PIEMĒRS" @@ -2752,7 +2752,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "" @@ -2779,14 +2779,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "" @@ -3123,8 +3123,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "" @@ -3289,11 +3289,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 +#, fuzzy +#| msgid "timeout (integer)" +msgid "ldap_group_type (integer)" +msgstr "noildze (vesels skaitlis)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:855 +msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:876 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3301,17 +3328,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3319,14 +3346,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3334,7 +3361,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3343,18 +3370,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3362,172 +3389,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3535,7 +3562,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3543,12 +3570,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3556,12 +3583,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3572,12 +3599,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3585,12 +3612,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3599,34 +3626,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3634,14 +3661,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3649,17 +3676,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3669,12 +3696,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3682,17 +3709,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3700,13 +3727,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3715,7 +3742,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3723,26 +3750,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3750,7 +3777,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3758,7 +3785,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3766,41 +3793,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3809,32 +3836,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -3842,24 +3869,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -3867,17 +3894,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -3888,29 +3915,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -3919,17 +3946,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -3937,49 +3964,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3987,27 +4014,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "Noklusējuma: 86400 (24 stundas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4019,7 +4046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4027,7 +4054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4035,39 +4062,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4077,7 +4104,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4085,26 +4112,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4112,7 +4139,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4120,31 +4147,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4153,56 +4180,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "Noklusējuma: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4213,12 +4240,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "Piemērs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4227,14 +4254,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4243,24 +4270,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4268,19 +4295,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "Atļautas šādas vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4289,7 +4316,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4297,7 +4324,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4306,7 +4333,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4314,108 +4341,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "Noklusējuma: filtrēt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4426,7 +4453,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4444,213 +4471,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4658,106 +4685,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4766,76 +4793,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4844,46 +4871,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "PAPLAŠINĀTĀS IESPĒJAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4891,43 +4918,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4935,7 +4962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4943,7 +4970,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4956,20 +4983,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "PIEZĪMES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5404,7 +5431,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -5419,7 +5446,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5434,12 +5461,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5460,12 +5487,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5507,12 +5534,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5520,12 +5547,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5544,19 +5571,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5659,7 +5686,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6276,7 +6303,7 @@ msgstr "" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -6337,9 +6364,23 @@ msgstr "" msgid "Default: Not set" msgstr "Noklusējuma: filtrēt" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +msgid "ad_enable_gc (boolean)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6349,29 +6390,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6379,7 +6420,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6394,7 +6435,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6403,7 +6444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6411,7 +6452,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/nl.po b/src/man/po/nl.po index e2d266ebc..29d6397c2 100644 --- a/src/man/po/nl.po +++ b/src/man/po/nl.po @@ -8,8 +8,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-07-24 12:28+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Dutch (http://www.transifex.com/projects/p/fedora/language/" "nl/)\n" @@ -481,8 +481,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -540,10 +540,10 @@ msgstr "Voeg een tijdstempel toe aan de debugberichten" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Standaard: true" @@ -559,8 +559,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -579,7 +579,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "" @@ -618,7 +618,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "" @@ -1385,7 +1385,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "" @@ -2070,8 +2070,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" @@ -2115,7 +2115,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "" @@ -2373,8 +2373,8 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "" @@ -2810,7 +2810,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "" @@ -2837,14 +2837,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "" @@ -3181,8 +3181,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "" @@ -3347,11 +3347,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 +#, fuzzy +#| msgid "debug_level (integer)" +msgid "ldap_group_type (integer)" +msgstr "debug_level (numeriek)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:855 +msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:876 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3359,17 +3386,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3377,14 +3404,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3392,7 +3419,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3401,18 +3428,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3420,172 +3447,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3593,7 +3620,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3601,12 +3628,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3614,12 +3641,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3630,12 +3657,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3643,12 +3670,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3657,34 +3684,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3692,14 +3719,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3707,17 +3734,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3727,12 +3754,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3740,17 +3767,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3758,13 +3785,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3773,7 +3800,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3781,26 +3808,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3808,7 +3835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3816,7 +3843,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3824,41 +3851,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3867,32 +3894,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -3900,24 +3927,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -3925,17 +3952,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -3946,29 +3973,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -3977,17 +4004,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -3995,49 +4022,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4045,27 +4072,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4077,7 +4104,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4085,7 +4112,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4093,39 +4120,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4135,7 +4162,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4143,26 +4170,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4170,7 +4197,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4178,31 +4205,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4211,56 +4238,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4271,12 +4298,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4285,14 +4312,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4301,24 +4328,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4326,19 +4353,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4347,7 +4374,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4355,7 +4382,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4364,7 +4391,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4372,108 +4399,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4484,7 +4511,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4502,213 +4529,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4716,106 +4743,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4824,76 +4851,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4902,46 +4929,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4949,43 +4976,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4993,7 +5020,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5001,7 +5028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5014,20 +5041,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5462,7 +5489,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -5477,7 +5504,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5492,12 +5519,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5518,12 +5545,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5565,12 +5592,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5578,12 +5605,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5602,19 +5629,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5717,7 +5744,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6334,7 +6361,7 @@ msgstr "" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -6395,9 +6422,23 @@ msgstr "" msgid "Default: Not set" msgstr "Standaard: true" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +msgid "ad_enable_gc (boolean)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6407,29 +6448,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6437,7 +6478,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6452,7 +6493,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6461,7 +6502,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6469,7 +6510,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/pt.po b/src/man/po/pt.po index cb1e36502..974ee02cf 100644 --- a/src/man/po/pt.po +++ b/src/man/po/pt.po @@ -8,8 +8,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-07-24 12:28+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/fedora/" "language/pt/)\n" @@ -463,8 +463,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -522,10 +522,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -541,8 +541,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -561,7 +561,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "Padrão: 10" @@ -600,7 +600,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "Padrão: 60" @@ -1363,7 +1363,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "Padrão: none" @@ -2043,8 +2043,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Padrão: 6" @@ -2088,7 +2088,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "Padrão: TRUE" @@ -2346,8 +2346,8 @@ msgid "Default: None, no command is run" msgstr "Padrão: None, nenhum comando é executado" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "EXEMPLO" @@ -2811,7 +2811,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "Padrão: nsUniqueId" @@ -2838,14 +2838,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "Padrão: modifyTimestamp" @@ -3182,8 +3182,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "Padrão: NC" @@ -3348,11 +3348,38 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 +#, fuzzy +#| msgid "ldap_opt_timeout (integer)" +msgid "ldap_group_type (integer)" +msgstr "ldap_opt_timeout (integer)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:855 +msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:876 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3360,17 +3387,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3378,14 +3405,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3393,7 +3420,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3402,18 +3429,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3421,172 +3448,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "Padrão: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "ldap_netgroup_uuid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3594,7 +3621,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3602,12 +3629,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3615,12 +3642,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3631,12 +3658,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3644,12 +3671,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3658,34 +3685,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "Padrão: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3693,14 +3720,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3708,17 +3735,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3728,12 +3755,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3741,17 +3768,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3759,13 +3786,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3774,7 +3801,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3782,19 +3809,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -3803,7 +3830,7 @@ msgstr "" "qualquer certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3811,7 +3838,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3819,7 +3846,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3827,41 +3854,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "Padrão: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3870,32 +3897,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -3903,24 +3930,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -3928,17 +3955,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -3949,29 +3976,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -3980,17 +4007,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -3998,50 +4025,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "Padrão: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Padrão: Sistema keytab, normalmente <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4049,27 +4076,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "Padrão: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4081,7 +4108,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4089,7 +4116,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4097,39 +4124,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4139,7 +4166,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4147,26 +4174,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4174,7 +4201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4182,31 +4209,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4215,56 +4242,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4275,12 +4302,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4289,14 +4316,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4305,24 +4332,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4330,19 +4357,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4351,7 +4378,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4359,7 +4386,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4368,7 +4395,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4376,108 +4403,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "Padrão: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "ldap_deref (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4488,7 +4515,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4506,213 +4533,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4720,106 +4747,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4828,76 +4855,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4906,46 +4933,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "OPÇÕES AVANÇADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "ldap_user_search_filter (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4953,43 +4980,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "ldap_group_search_filter (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4997,7 +5024,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5005,7 +5032,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5018,20 +5045,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5472,7 +5499,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -5487,7 +5514,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5502,12 +5529,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5528,12 +5555,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5575,12 +5602,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5588,12 +5615,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5612,19 +5639,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5727,7 +5754,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6350,7 +6377,7 @@ msgstr "case_sensitive (boolean)" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -6411,9 +6438,25 @@ msgstr "" msgid "Default: Not set" msgstr "Padrão: host" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +#, fuzzy +#| msgid "case_sensitive (boolean)" +msgid "ad_enable_gc (boolean)" +msgstr "case_sensitive (boolean)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6423,29 +6466,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6453,7 +6496,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6468,7 +6511,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6477,7 +6520,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6485,7 +6528,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/ru.po b/src/man/po/ru.po index e39f34dea..eeca1f9ee 100644 --- a/src/man/po/ru.po +++ b/src/man/po/ru.po @@ -8,8 +8,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-07-24 12:28+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Russian (http://www.transifex.com/projects/p/fedora/language/" "ru/)\n" @@ -434,8 +434,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -493,10 +493,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -512,8 +512,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -532,7 +532,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "По умолчанию: 10" @@ -571,7 +571,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "" @@ -1332,7 +1332,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "" @@ -2012,8 +2012,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" @@ -2057,7 +2057,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "" @@ -2315,8 +2315,8 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "ПРИМЕР" @@ -2752,7 +2752,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "" @@ -2779,14 +2779,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "По умолчанию: modifyTimestamp" @@ -3123,8 +3123,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "" @@ -3289,29 +3289,54 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 -msgid "ldap_group_nesting_level (integer)" +msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:855 msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:876 +msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " "follow. This option has no effect on the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3319,14 +3344,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3334,7 +3359,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3343,18 +3368,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3362,172 +3387,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3535,7 +3560,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3543,12 +3568,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3556,12 +3581,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3572,12 +3597,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3585,12 +3610,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3599,34 +3624,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3634,14 +3659,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3649,17 +3674,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3669,12 +3694,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3682,17 +3707,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3700,13 +3725,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3715,7 +3740,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3723,26 +3748,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3750,7 +3775,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3758,7 +3783,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3766,41 +3791,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3809,32 +3834,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -3842,24 +3867,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -3867,17 +3892,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -3888,29 +3913,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -3919,17 +3944,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -3937,49 +3962,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3987,27 +4012,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4019,7 +4044,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4027,7 +4052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4035,39 +4060,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4077,7 +4102,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4085,26 +4110,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4112,7 +4137,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4120,31 +4145,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4153,56 +4178,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4213,12 +4238,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4227,14 +4252,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4243,24 +4268,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4268,19 +4293,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4289,7 +4314,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4297,7 +4322,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4306,7 +4331,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4314,108 +4339,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4426,7 +4451,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4444,213 +4469,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4658,106 +4683,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4766,76 +4791,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4844,46 +4869,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4891,43 +4916,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4935,7 +4960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4943,7 +4968,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4956,20 +4981,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5404,7 +5429,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -5419,7 +5444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5434,12 +5459,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5460,12 +5485,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5507,12 +5532,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5520,12 +5545,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5544,19 +5569,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5659,7 +5684,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6276,7 +6301,7 @@ msgstr "" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -6337,9 +6362,23 @@ msgstr "" msgid "Default: Not set" msgstr "По умолчанию: root" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +msgid "ad_enable_gc (boolean)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6349,29 +6388,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6379,7 +6418,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6394,7 +6433,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6403,7 +6442,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6411,7 +6450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index 8fa1f2f1b..41529478c 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.11.2\n" +"Project-Id-Version: sssd-docs 1.11.3\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -409,7 +409,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 include/ldap_id_mapping.xml:156 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 include/ldap_id_mapping.xml:156 msgid "Default: not set" msgstr "" @@ -464,7 +464,7 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -479,7 +479,7 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 +#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" msgstr "" @@ -496,7 +496,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "" @@ -534,7 +534,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "" @@ -1295,7 +1295,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "" @@ -1972,7 +1972,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" @@ -2016,7 +2016,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "" @@ -2273,7 +2273,7 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "" @@ -2709,7 +2709,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "" @@ -2736,14 +2736,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "" @@ -3081,7 +3081,7 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 sssd-ipa.5.xml:614 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "" @@ -3245,29 +3245,54 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 -msgid "ldap_group_nesting_level (integer)" +msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:855 msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:876 +msgid "" "If ldap_schema is set to a schema format that supports nested groups " "(e.g. RFC2307bis), then this option controls how many levels of nesting SSSD " "will follow. This option has no effect on the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3275,14 +3300,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3290,7 +3315,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink " @@ -3299,17 +3324,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3317,169 +3342,169 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3487,7 +3512,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3495,12 +3520,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3508,12 +3533,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " @@ -3524,12 +3549,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3537,12 +3562,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3551,34 +3576,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single " "request. Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3586,7 +3611,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use " @@ -3594,7 +3619,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3602,17 +3627,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3622,12 +3647,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3635,17 +3660,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3653,12 +3678,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3667,7 +3692,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3675,26 +3700,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3702,7 +3727,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3710,7 +3735,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3718,41 +3743,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in " "<filename>/etc/openldap/ldap.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3761,32 +3786,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -3794,24 +3819,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -3819,17 +3844,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -3840,29 +3865,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -3872,17 +3897,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -3890,49 +3915,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3940,27 +3965,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of " @@ -3972,7 +3997,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -3980,7 +4005,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of " "SSSD. While the legacy name is recognized for the time being, users are " @@ -3989,39 +4014,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4031,7 +4056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> " "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> " @@ -4040,26 +4065,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client " "side. The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use " "<citerefentry><refentrytitle>shadow</refentrytitle> " @@ -4068,7 +4093,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4076,31 +4101,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4109,56 +4134,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4169,12 +4194,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4183,14 +4208,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4199,24 +4224,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4224,19 +4249,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4245,7 +4270,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " "<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " @@ -4253,7 +4278,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4262,7 +4287,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>expire</quote> in order for the " @@ -4270,108 +4295,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4382,7 +4407,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4400,213 +4425,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval " "</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4614,105 +4639,105 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is " "<emphasis>false</emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4721,76 +4746,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder " "type=\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" " @@ -4799,46 +4824,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = " @@ -4847,43 +4872,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4891,7 +4916,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4899,7 +4924,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4912,17 +4937,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:63 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 sssd.8.xml:191 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5363,7 +5388,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -5378,7 +5403,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5393,12 +5418,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5419,12 +5444,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5467,12 +5492,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5480,12 +5505,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5504,19 +5529,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5618,7 +5643,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6237,7 +6262,7 @@ msgstr "" msgid "" "This option specifies LDAP access control filter that the user must match in " "order to be allowed access. Please note that the " -"<quote>access_filter</quote> option must be explicitly set to " +"<quote>access_provider</quote> option must be explicitly set to " "<quote>ad</quote> in order for this option to have an effect." msgstr "" @@ -6295,9 +6320,23 @@ msgstr "" msgid "Default: Not set" msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +msgid "ad_enable_gc (boolean)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a " +"fallback. Disabling this option makes the SSSD only connect to the LDAP port " +"of the current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6307,22 +6346,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise " "principal. See section 5 of RFC 6806 for more details about enterprise " @@ -6330,7 +6369,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -6338,7 +6377,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6353,7 +6392,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6362,7 +6401,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6370,7 +6409,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/tg.po b/src/man/po/tg.po index 3695ce610..0f5667709 100644 --- a/src/man/po/tg.po +++ b/src/man/po/tg.po @@ -7,8 +7,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-07-24 12:28+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Tajik (http://www.transifex.com/projects/p/fedora/language/" "tg/)\n" @@ -432,8 +432,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -491,10 +491,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Пешфарз: true" @@ -510,8 +510,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -530,7 +530,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "Пешфарз: 10" @@ -569,7 +569,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "" @@ -1330,7 +1330,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "" @@ -2010,8 +2010,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Пешфарз: 6" @@ -2055,7 +2055,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "" @@ -2313,8 +2313,8 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "НАМУНА" @@ -2750,7 +2750,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "" @@ -2777,14 +2777,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "" @@ -3121,8 +3121,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "" @@ -3287,29 +3287,54 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 -msgid "ldap_group_nesting_level (integer)" +msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:855 msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:876 +msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " "follow. This option has no effect on the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "Пешфарз: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3317,14 +3342,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3332,7 +3357,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3341,18 +3366,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3360,172 +3385,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3533,7 +3558,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3541,12 +3566,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3554,12 +3579,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3570,12 +3595,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3583,12 +3608,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3597,34 +3622,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3632,14 +3657,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3647,17 +3672,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3667,12 +3692,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3680,17 +3705,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3698,13 +3723,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3713,7 +3738,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3721,26 +3746,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3748,7 +3773,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3756,7 +3781,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3764,41 +3789,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3807,32 +3832,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -3840,24 +3865,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -3865,17 +3890,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -3886,29 +3911,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -3917,17 +3942,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -3935,49 +3960,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "Пешфарз: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3985,27 +4010,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4017,7 +4042,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4025,7 +4050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4033,39 +4058,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4075,7 +4100,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4083,26 +4108,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4110,7 +4135,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4118,31 +4143,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4151,56 +4176,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4211,12 +4236,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "Намуна:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4225,14 +4250,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4241,24 +4266,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4266,19 +4291,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4287,7 +4312,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4295,7 +4320,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4304,7 +4329,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4312,108 +4337,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4424,7 +4449,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4442,213 +4467,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4656,106 +4681,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4764,76 +4789,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4842,46 +4867,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4889,43 +4914,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4933,7 +4958,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4941,7 +4966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4954,20 +4979,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЭЗОҲҲО" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5402,7 +5427,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -5417,7 +5442,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5432,12 +5457,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5458,12 +5483,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5505,12 +5530,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5518,12 +5543,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5542,19 +5567,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5657,7 +5682,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6274,7 +6299,7 @@ msgstr "" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -6335,9 +6360,23 @@ msgstr "" msgid "Default: Not set" msgstr "Пешфарз: true" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +msgid "ad_enable_gc (boolean)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6347,29 +6386,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6377,7 +6416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6392,7 +6431,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6401,7 +6440,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6409,7 +6448,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/uk.po b/src/man/po/uk.po index de16eca0a..89dc47c10 100644 --- a/src/man/po/uk.po +++ b/src/man/po/uk.po @@ -10,8 +10,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-07-24 13:30+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n" "Language-Team: Ukrainian (http://www.transifex.com/projects/p/fedora/" "language/uk/)\n" @@ -528,8 +528,8 @@ msgstr "" "користувач@назва.домену, для входу до системи." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -596,10 +596,10 @@ msgstr "Додати часову позначку до діагностични #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "Типове значення: true" @@ -616,8 +616,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -638,7 +638,7 @@ msgstr "" "перевірки працездатності процесу та його змоги відповідати на запити." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "Типове значення: 10" @@ -687,7 +687,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "Типове значення: 60" @@ -1617,7 +1617,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "Типове значення: none" @@ -2456,8 +2456,8 @@ msgstr "" "очікування буде перевищено, домен продовжуватиме роботу у автономному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "Типове значення: 6" @@ -2506,7 +2506,7 @@ msgstr "" "версії підтримку передбачено лише для локальних надавачів даних." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "Типове значення: True" @@ -2813,8 +2813,8 @@ msgid "Default: None, no command is run" msgstr "Типове значення: None, не виконувати жодних команд" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "ПРИКЛАД" @@ -3341,7 +3341,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта користувача LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "Типове значення: nsUniqueId" @@ -3372,7 +3372,7 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "ldap_user_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." @@ -3381,7 +3381,7 @@ msgstr "" "об’єкта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "Типове значення: modifyTimestamp" @@ -3775,8 +3775,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "Атрибут LDAP, що відповідає повному імені користувача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "Типове значення: cn" @@ -3959,11 +3959,40 @@ msgstr "ldap_group_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 +#, fuzzy +#| msgid "ldap_opt_timeout (integer)" +msgid "ldap_group_type (integer)" +msgstr "ldap_opt_timeout (ціле число)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:855 +#, fuzzy +#| msgid "The LDAP attribute that contains the names of the group's members." +msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "Атрибут LDAP, у якому містяться імена учасників групи." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:876 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -3975,17 +4004,17 @@ msgstr "" "параметра буде проігноровано, якщо використано схему RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "Типове значення: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "ldap_groups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3997,7 +4026,7 @@ msgstr "" "високим рівнем вкладеності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." @@ -4006,7 +4035,7 @@ msgstr "" "можна буде спостерігати лише у дуже складних випадках вкладеності груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -4017,7 +4046,7 @@ msgstr "" "можливості. Отже, насправді значення «True» означає «визначити автоматично»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -4030,18 +4059,18 @@ msgstr "" "windows/desktop/aa746475%28v=vs.85%29.aspx\">документації MSDN(TM)</ulink>." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "Типове значення: False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "ldap_initgroups_use_matching_rule_in_chain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -4054,126 +4083,126 @@ msgstr "" "вкладеності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "ldap_netgroup_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "Клас об’єктів запису мережевої групи (netgroup) у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_object_class." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "Типове значення: nisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "ldap_netgroup_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "Атрибут LDAP, що відповідає назві мережевої групи (netgroup)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_name." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "ldap_netgroup_member (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" "Атрибут LDAP, у якому містяться імена учасників мережевої групи (netgroup)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_member." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "Типове значення: memberNisNetgroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "ldap_netgroup_triple (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" "Атрибут LDAP, що містить трійки мережевої групи (вузол, користувач, домен)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "Цим параметром не можна скористатися у надавачі даних IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "Типове значення: nisNetgroupTriple" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "ldap_netgroup_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта мережевої групи LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "У надавачі даних IPA має бути використано ipa_netgroup_uuid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "ldap_netgroup_modify_timestamp (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "ldap_service_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "Клас об’єктів запису служби у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "Типове значення: ipService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "ldap_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." @@ -4181,48 +4210,48 @@ msgstr "" "Атрибут LDAP, що містить назву атрибутів служби та замінників цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "ldap_service_port (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "Атрибут LDAP, що містить номер порту, яким керує ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "Типове значення: ipServicePort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "ldap_service_proto (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "Атрибут LDAP, що містить протоколи, за яким може працювати ця служба." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "Типове значення: ipServiceProtocol" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -4233,7 +4262,7 @@ msgstr "" "автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -4244,12 +4273,12 @@ msgstr "" "окремих типів пошуків." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -4260,12 +4289,12 @@ msgstr "" "кешованих даних (і переходом до автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -4282,12 +4311,12 @@ msgstr "" "citerefentry> повертається до стану бездіяльності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -4299,12 +4328,12 @@ msgstr "" "випадку прив’язки SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -4318,17 +4347,17 @@ msgstr "" "дії TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "Типове значення: 900 (15 хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -4338,17 +4367,17 @@ msgstr "" "один запит." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "Типове значення: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -4359,7 +4388,7 @@ msgstr "" "RootDSE, але цю підтримку не увімкнено або вона не працює належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -4369,7 +4398,7 @@ msgstr "" "підтримкою не можна скористатися." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -4380,17 +4409,17 @@ msgstr "" "це може призвести до відмови у виконанні запитів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "Вимкнути отримання діапазону Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -4406,12 +4435,12 @@ msgstr "" "буде представлено як такі, у яких немає учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -4422,19 +4451,19 @@ msgstr "" "параметра визначається OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Типове значення: типове для системи значення (зазвичай, визначається у ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -4446,7 +4475,7 @@ msgstr "" "виконуватиметься окремо." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" @@ -4454,7 +4483,7 @@ msgstr "" "(розіменуванням), якщо вкажете значення 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -4467,7 +4496,7 @@ msgstr "" "OpenLDAP та Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -4478,12 +4507,12 @@ msgstr "" "незалежно від використання цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -4493,7 +4522,7 @@ msgstr "" "таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -4502,7 +4531,7 @@ msgstr "" "жодних сертифікатів сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4514,7 +4543,7 @@ msgstr "" "режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -4525,7 +4554,7 @@ msgstr "" "надано помилковий сертифікат, негайно перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -4536,22 +4565,22 @@ msgstr "" "перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = те саме, що і <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "Типове значення: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -4560,7 +4589,7 @@ msgstr "" "розпізнаються <command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -4569,12 +4598,12 @@ msgstr "" "у <filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -4587,32 +4616,32 @@ msgstr "" "<command>cacertdir_rehash</command>, якщо ця програма є доступною." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Визначає файл, який містить сертифікат для ключа клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "Визначає файл, у якому міститься ключ клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -4624,12 +4653,12 @@ msgstr "" "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." @@ -4638,12 +4667,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> для захисту каналу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -4655,19 +4684,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "У поточній версії у цій можливості передбачено підтримку лише встановлення " "відповідності objectSID у ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "ldap_min_id, ldap_max_id (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -4687,18 +4716,18 @@ msgstr "" "ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" "Типове значення: не встановлено (обидва параметри встановлено у значення 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." @@ -4707,12 +4736,12 @@ msgstr "" "перевірено і підтримується лише механізм GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -4727,17 +4756,17 @@ msgstr "" "myhost)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "Типове значення: вузол/назва_вузла@ОБЛАСТЬ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -4749,17 +4778,17 @@ msgstr "" "проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "Типове значення: значення krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -4769,34 +4798,34 @@ msgstr "" "SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "Типове значення: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "Визначає таблицю ключів, яку слід використовувати разом з SASL/GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Типове значення: системна таблиця ключів, зазвичай <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -4807,27 +4836,27 @@ msgstr "" "механізм GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "Визначає строк дії (у секундах) TGT, якщо використовується GSSAPI." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "Типове значення: 86400 (24 години)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4846,7 +4875,7 @@ msgstr "" "про виявлення служб можна дізнатися з розділу «ПОШУК СЛУЖБ»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4858,7 +4887,7 @@ msgstr "" "вдасться знайти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4869,29 +4898,29 @@ msgstr "" "варто перейти на використання «krb5_server» у файлах налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "Вказати область Kerberos (для розпізнавання за SASL/GSSAPI)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -4901,12 +4930,12 @@ msgstr "" "версії MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4921,7 +4950,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4932,12 +4961,12 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -4946,7 +4975,7 @@ msgstr "" "використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -4955,7 +4984,7 @@ msgstr "" "разі використання цього варіанта перевірку на боці сервера вимкнено не буде." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4966,7 +4995,7 @@ msgstr "" "manvolnum></citerefentry> для визначення того, чи чинним є пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4977,25 +5006,25 @@ msgstr "" "скористайтеся chpass_provider=krb5 для оновлення цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Визначає, чи має бути увімкнено автоматичне визначення напрямків пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -5004,7 +5033,7 @@ msgstr "" "з версією OpenLDAP 2.4.13 або новішою версією." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -5018,28 +5047,28 @@ msgstr "" "«false» може значно пришвидшити роботу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Визначає назву служби, яку буде використано у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "Типове значення: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -5048,17 +5077,17 @@ msgstr "" "уможливлює зміну паролів, у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -5067,12 +5096,12 @@ msgstr "" "щодо кількості днів з часу виконання дії зі зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -5090,12 +5119,12 @@ msgstr "" "скористайтеся параметром access_provider = permit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "Приклад:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -5107,7 +5136,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." @@ -5115,7 +5144,7 @@ msgstr "" "У прикладі доступ до вузла обмежено учасниками групи «allowedusers» у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -5129,17 +5158,17 @@ msgstr "" "таких прав не було надано, у автономному режимі їх також не буде надано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "Типове значення: порожній рядок" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -5148,7 +5177,7 @@ msgstr "" "керування доступом на боці клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -5159,12 +5188,12 @@ msgstr "" "з відповідним кодом помилки, навіть якщо вказано правильний пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "Можна використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -5173,7 +5202,7 @@ msgstr "" "визначити, чи завершено строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -5186,7 +5215,7 @@ msgstr "" "Також буде перевірено, чи не вичерпано строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -5197,7 +5226,7 @@ msgstr "" "ldap_ns_account_lock." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -5210,7 +5239,7 @@ msgstr "" "атрибутів, надати доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -5221,30 +5250,30 @@ msgstr "" "користуватися параметром ldap_account_expire_policy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "ldap_access_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Список відокремлених комами параметрів керування доступом. Можливі значення " "списку:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" "<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -5253,19 +5282,19 @@ msgstr "" "можливості доступу атрибут authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: за допомогою цього атрибута вузла можна визначити " "права доступу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "Типове значення: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -5274,12 +5303,12 @@ msgstr "" "використано декілька разів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "ldap_deref (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -5288,13 +5317,13 @@ msgstr "" "пошуку. Можливі такі варіанти:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: ніколи не виконувати розіменування псевдонімів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -5304,7 +5333,7 @@ msgstr "" "пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -5313,7 +5342,7 @@ msgstr "" "під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -5322,7 +5351,7 @@ msgstr "" "час пошуку, так і під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -5331,12 +5360,12 @@ msgstr "" "сценарієм <emphasis>never</emphasis>)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -5345,7 +5374,7 @@ msgstr "" "серверів, у яких використовується схема RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -5363,7 +5392,7 @@ msgstr "" "користувачів за допомогою виклику getpw*() або initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -5390,57 +5419,57 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "ПАРАМЕТРИ SUDO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "ldap_sudorule_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "Клас об’єктів запису правила sudo у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "Типове значення: sudoRole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "ldap_sudorule_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "Атрибут LDAP, що відповідає назві правила sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "ldap_sudorule_command (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "Атрибут LDAP, що відповідає назві команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "Типове значення: sudoCommand" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "ldap_sudorule_host (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" @@ -5449,17 +5478,17 @@ msgstr "" "вузла, мережевій групі вузла)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "Типове значення: sudoHost" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "ldap_sudorule_user (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" @@ -5468,32 +5497,32 @@ msgstr "" "або назві мережевої групи користувача)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "Типове значення: sudoUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "ldap_sudorule_option (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "Атрибут LDAP, що відповідає параметрам sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "Типове значення: sudoOption" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "ldap_sudorule_runasuser (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." @@ -5502,17 +5531,17 @@ msgstr "" "команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "Типове значення: sudoRunAsUser" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "ldap_sudorule_runasgroup (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." @@ -5521,17 +5550,17 @@ msgstr "" "виконувати команди." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "Типове значення: sudoRunAsGroup" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "ldap_sudorule_notbefore (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." @@ -5539,49 +5568,49 @@ msgstr "" "Атрибут LDAP, що відповідає даті і часу набуття чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "Типове значення: sudoNotBefore" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "ldap_sudorule_notafter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "Атрибут LDAP, що відповідає даті і часу втрати чинності правилом sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "Типове значення: sudoNotAfter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "ldap_sudorule_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "Атрибут LDAP, що відповідає порядковому номеру правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "Типове значення: sudoOrder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -5591,7 +5620,7 @@ msgstr "" "набір правил, що зберігаються на сервері." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -5600,17 +5629,17 @@ msgstr "" "<emphasis>ldap_sudo_smart_refresh_interval </emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "Типове значення: 21600 (6 годин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -5621,7 +5650,7 @@ msgstr "" "правил, USN яких перевищує найбільше значення USN у кешованих правилах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -5630,12 +5659,12 @@ msgstr "" "дані атрибута modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -5645,12 +5674,12 @@ msgstr "" "назв вузлів)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -5659,7 +5688,7 @@ msgstr "" "фільтрування списку правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -5668,8 +5697,8 @@ msgstr "" "назву вузла та повну назву комп’ютера у домені у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -5678,17 +5707,17 @@ msgstr "" "<emphasis>false</emphasis>, цей параметр ні на що не впливатиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "Типове значення: не вказано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -5697,7 +5726,7 @@ msgstr "" "правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -5706,12 +5735,12 @@ msgstr "" "адресу у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -5720,12 +5749,12 @@ msgstr "" "мережеву групу (netgroup) у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -5734,12 +5763,12 @@ msgstr "" "заміни у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -5752,12 +5781,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "ПАРАМЕТРИ AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." @@ -5766,47 +5795,47 @@ msgstr "" "визначено у RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "ldap_autofs_map_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "Клас об’єктів запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "Типове значення: automountMap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "ldap_autofs_map_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "Назва запису карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "Типове значення: ou" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "ldap_autofs_entry_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "ldap_autofs_entry_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." @@ -5815,17 +5844,17 @@ msgstr "" "точні монтування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "ldap_autofs_entry_value (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "Типове значення: automountInformation" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -5838,32 +5867,32 @@ msgstr "" "\"variablelist\" id=\"4\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "ДОДАТКОВІ ПАРАМЕТРИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "ldap_user_search_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." @@ -5872,7 +5901,7 @@ msgstr "" "фільтрування LDAP, яким буде обмежено пошук користувачів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." @@ -5881,7 +5910,7 @@ msgstr "" "використовувати синтаксичні конструкції з ldap_user_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -5891,7 +5920,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." @@ -5900,12 +5929,12 @@ msgstr "" "яких встановлено командну оболонку /bin/tcsh." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "ldap_group_search_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." @@ -5914,7 +5943,7 @@ msgstr "" "фільтрування LDAP, яким буде обмежено пошук груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." @@ -5923,17 +5952,17 @@ msgstr "" "використовувати синтаксичні конструкції з ldap_group_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -5944,7 +5973,7 @@ msgstr "" "відомі наслідки ваших дій. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -5955,7 +5984,7 @@ msgstr "" "<replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -5975,20 +6004,20 @@ msgstr "" " cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЗАУВАЖЕННЯ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -6586,7 +6615,7 @@ msgstr "" "цього вузла." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "dyndns_update (булеве значення)" @@ -6606,7 +6635,7 @@ msgstr "" "допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -6627,12 +6656,12 @@ msgstr "" "назву, <emphasis>dyndns_update</emphasis>, у файлі налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -6659,12 +6688,12 @@ msgid "Default: 1200 (seconds)" msgstr "Типове значення: 1200 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "dyndns_iface (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -6720,12 +6749,12 @@ msgstr "" "вважатимуться резервними серверами." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -6737,12 +6766,12 @@ msgstr "" "є обов’язкоми, його застосовують, лише якщо dyndns_update має значення true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -6766,12 +6795,12 @@ msgid "Default: False (disabled)" msgstr "Типове значення: False (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -6780,7 +6809,7 @@ msgstr "" "даними з сервером DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Типове значення: False (надати змогу nsupdate вибирати протокол)" @@ -6898,7 +6927,7 @@ msgstr "" "Перевірити за допомогою krb5_keytab, чи не було підмінено отриманий TGT." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -7658,7 +7687,7 @@ msgstr "ad_enable_dns_sites (булеве значення)" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -7719,9 +7748,25 @@ msgstr "" msgid "Default: Not set" msgstr "Типове значення: not set" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +#, fuzzy +#| msgid "ad_enable_dns_sites (boolean)" +msgid "ad_enable_gc (boolean)" +msgstr "ad_enable_dns_sites (булеве значення)" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -7737,22 +7782,22 @@ msgstr "" "якщо цю адресу не було змінено за допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "Типове значення: 3600 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "Типове значення: використовувати IP-адресу з’єднання LDAP AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "krb5_use_enterprise_principal (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." @@ -7762,7 +7807,7 @@ msgstr "" "реєстраційні дані." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -7773,7 +7818,7 @@ msgstr "" "У прикладі продемонстровано лише параметри доступу, специфічні для засобу AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -7797,7 +7842,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7809,7 +7854,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -7821,7 +7866,7 @@ msgstr "" "\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po index bfd233038..1103747e4 100644 --- a/src/man/po/zh_CN.po +++ b/src/man/po/zh_CN.po @@ -8,8 +8,8 @@ msgid "" msgstr "" "Project-Id-Version: SSSD\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2013-10-30 23:21+0100\n" -"PO-Revision-Date: 2013-07-24 12:28+0000\n" +"POT-Creation-Date: 2013-12-19 18:45+0100\n" +"PO-Revision-Date: 2013-11-19 16:29+0000\n" "Last-Translator: jhrozek <jhrozek@redhat.com>\n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/fedora/" "language/zh_CN/)\n" @@ -439,8 +439,8 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 -#: sssd-ldap.5.xml:1465 sssd-ldap.5.xml:2351 sssd-ldap.5.xml:2378 +#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1392 sssd-ldap.5.xml:1404 +#: sssd-ldap.5.xml:1486 sssd-ldap.5.xml:2372 sssd-ldap.5.xml:2399 #: sssd-krb5.5.xml:401 include/ldap_id_mapping.xml:145 #: include/ldap_id_mapping.xml:156 msgid "Default: not set" @@ -498,10 +498,10 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 -#: sssd-ldap.5.xml:1538 sssd-ldap.5.xml:1635 sssd-ldap.5.xml:1697 -#: sssd-ldap.5.xml:2139 sssd-ldap.5.xml:2204 sssd-ldap.5.xml:2222 -#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:250 -#: sssd-ad.5.xml:338 sssd-krb5.5.xml:490 +#: sssd-ldap.5.xml:1559 sssd-ldap.5.xml:1656 sssd-ldap.5.xml:1718 +#: sssd-ldap.5.xml:2160 sssd-ldap.5.xml:2225 sssd-ldap.5.xml:2243 +#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:166 sssd-ad.5.xml:242 +#: sssd-ad.5.xml:267 sssd-ad.5.xml:355 sssd-krb5.5.xml:490 msgid "Default: true" msgstr "" @@ -517,8 +517,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1763 -#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 -#: sssd-ldap.5.xml:1607 sssd-ldap.5.xml:1935 sssd-ipa.5.xml:139 +#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1433 sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1628 sssd-ldap.5.xml:1956 sssd-ipa.5.xml:139 #: sssd-ipa.5.xml:205 sssd-ipa.5.xml:474 sssd-ipa.5.xml:492 #: sssd-krb5.5.xml:257 sssd-krb5.5.xml:291 sssd-krb5.5.xml:462 msgid "Default: false" @@ -537,7 +537,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283 +#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1304 msgid "Default: 10" msgstr "" @@ -576,7 +576,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 -#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1113 +#: sssd.conf.5.xml:751 sssd.conf.5.xml:1014 sssd-ldap.5.xml:1134 msgid "Default: 60" msgstr "" @@ -1337,7 +1337,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1666 +#: sssd.conf.5.xml:997 sssd-ldap.5.xml:1687 msgid "Default: none" msgstr "" @@ -2017,8 +2017,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 -#: sssd-ldap.5.xml:1154 sssd-krb5.5.xml:239 +#: sssd.conf.5.xml:1710 sssd-ldap.5.xml:1118 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1175 sssd-krb5.5.xml:239 msgid "Default: 6" msgstr "" @@ -2062,7 +2062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 sssd-ad.5.xml:308 +#: sssd.conf.5.xml:1746 sssd-ad.5.xml:325 msgid "Default: True" msgstr "" @@ -2320,8 +2320,8 @@ msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2404 sssd-simple.5.xml:131 -#: sssd-ipa.5.xml:759 sssd-ad.5.xml:357 sssd-krb5.5.xml:519 +#: sssd.conf.5.xml:1965 sssd-ldap.5.xml:2425 sssd-simple.5.xml:131 +#: sssd-ipa.5.xml:759 sssd-ad.5.xml:374 sssd-krb5.5.xml:519 msgid "EXAMPLE" msgstr "" @@ -2757,7 +2757,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004 +#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1025 msgid "Default: nsUniqueId" msgstr "" @@ -2784,14 +2784,14 @@ msgid "ldap_user_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013 +#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1034 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020 +#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1041 msgid "Default: modifyTimestamp" msgstr "" @@ -3128,8 +3128,8 @@ msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 -#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1968 sssd-ldap.5.xml:2294 +#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:975 +#: sssd-ldap.5.xml:1066 sssd-ldap.5.xml:1989 sssd-ldap.5.xml:2315 #: sssd-ipa.5.xml:614 msgid "Default: cn" msgstr "" @@ -3294,29 +3294,54 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:852 -msgid "ldap_group_nesting_level (integer)" +msgid "ldap_group_type (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:855 msgid "" +"The LDAP attribute that contains an integer value indicating the type of the " +"group and maybe other flags." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:860 +msgid "" +"This attribute is currently only used by the AD provider to determine if a " +"group is a domain local groups and has to be filtered out for trusted " +"domains." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:866 +msgid "Default: groupType in the AD provider, othewise not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:873 +msgid "ldap_group_nesting_level (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:876 +msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " "follow. This option has no effect on the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:862 +#: sssd-ldap.5.xml:883 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:868 +#: sssd-ldap.5.xml:889 msgid "ldap_groups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:892 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which may speed up group lookup operations on deployments with " @@ -3324,14 +3349,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:877 +#: sssd-ldap.5.xml:898 msgid "" "In most common cases, it is best to leave this option disabled. It generally " "only provides a performance increase on very complex nestings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909 +#: sssd-ldap.5.xml:903 sssd-ldap.5.xml:930 msgid "" "If this option is enabled, SSSD will use it if it detects that the server " "supports it during initial connection. So \"True\" here essentially means " @@ -3339,7 +3364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:909 sssd-ldap.5.xml:936 msgid "" "Note: This feature is currently known to work only with Active Directory " "2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/" @@ -3348,18 +3373,18 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 -#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1739 include/ldap_id_mapping.xml:184 +#: sssd-ldap.5.xml:915 sssd-ldap.5.xml:942 sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1254 sssd-ldap.5.xml:1760 include/ldap_id_mapping.xml:184 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:900 +#: sssd-ldap.5.xml:921 msgid "ldap_initgroups_use_matching_rule_in_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:903 +#: sssd-ldap.5.xml:924 msgid "" "This option tells SSSD to take advantage of an Active Directory-specific " "feature which might speed up initgroups operations (most notably when " @@ -3367,172 +3392,172 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:927 +#: sssd-ldap.5.xml:948 msgid "ldap_netgroup_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:930 +#: sssd-ldap.5.xml:951 msgid "The object class of a netgroup entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:933 +#: sssd-ldap.5.xml:954 msgid "In IPA provider, ipa_netgroup_object_class should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:937 +#: sssd-ldap.5.xml:958 msgid "Default: nisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:943 +#: sssd-ldap.5.xml:964 msgid "ldap_netgroup_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:946 +#: sssd-ldap.5.xml:967 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:950 +#: sssd-ldap.5.xml:971 msgid "In IPA provider, ipa_netgroup_name should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:981 msgid "ldap_netgroup_member (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:963 +#: sssd-ldap.5.xml:984 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:967 +#: sssd-ldap.5.xml:988 msgid "In IPA provider, ipa_netgroup_member should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:971 +#: sssd-ldap.5.xml:992 msgid "Default: memberNisNetgroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:977 +#: sssd-ldap.5.xml:998 msgid "ldap_netgroup_triple (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:980 +#: sssd-ldap.5.xml:1001 msgid "" "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017 +#: sssd-ldap.5.xml:1005 sssd-ldap.5.xml:1038 msgid "This option is not available in IPA provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:987 +#: sssd-ldap.5.xml:1008 msgid "Default: nisNetgroupTriple" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:993 +#: sssd-ldap.5.xml:1014 msgid "ldap_netgroup_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:996 +#: sssd-ldap.5.xml:1017 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1000 +#: sssd-ldap.5.xml:1021 msgid "In IPA provider, ipa_netgroup_uuid should be used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1010 +#: sssd-ldap.5.xml:1031 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1026 +#: sssd-ldap.5.xml:1047 msgid "ldap_service_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1029 +#: sssd-ldap.5.xml:1050 msgid "The object class of a service entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#: sssd-ldap.5.xml:1053 msgid "Default: ipService" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1038 +#: sssd-ldap.5.xml:1059 msgid "ldap_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1062 msgid "" "The LDAP attribute that contains the name of service attributes and their " "aliases." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1051 +#: sssd-ldap.5.xml:1072 msgid "ldap_service_port (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1054 +#: sssd-ldap.5.xml:1075 msgid "The LDAP attribute that contains the port managed by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1058 +#: sssd-ldap.5.xml:1079 msgid "Default: ipServicePort" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1064 +#: sssd-ldap.5.xml:1085 msgid "ldap_service_proto (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1067 +#: sssd-ldap.5.xml:1088 msgid "" "The LDAP attribute that contains the protocols understood by this service." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1071 +#: sssd-ldap.5.xml:1092 msgid "Default: ipServiceProtocol" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1077 +#: sssd-ldap.5.xml:1098 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1082 +#: sssd-ldap.5.xml:1103 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1085 +#: sssd-ldap.5.xml:1106 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -3540,7 +3565,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1091 +#: sssd-ldap.5.xml:1112 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -3548,12 +3573,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1103 +#: sssd-ldap.5.xml:1124 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1106 +#: sssd-ldap.5.xml:1127 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -3561,12 +3586,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1119 +#: sssd-ldap.5.xml:1140 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1122 +#: sssd-ldap.5.xml:1143 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -3577,12 +3602,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1145 +#: sssd-ldap.5.xml:1166 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1148 +#: sssd-ldap.5.xml:1169 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -3590,12 +3615,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1181 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1163 +#: sssd-ldap.5.xml:1184 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -3604,34 +3629,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2125 +#: sssd-ldap.5.xml:1192 sssd-ldap.5.xml:2146 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1177 +#: sssd-ldap.5.xml:1198 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1180 +#: sssd-ldap.5.xml:1201 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1185 +#: sssd-ldap.5.xml:1206 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1212 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1194 +#: sssd-ldap.5.xml:1215 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -3639,14 +3664,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1200 +#: sssd-ldap.5.xml:1221 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1206 +#: sssd-ldap.5.xml:1227 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -3654,17 +3679,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1218 +#: sssd-ldap.5.xml:1239 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1242 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1245 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -3674,12 +3699,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1239 +#: sssd-ldap.5.xml:1260 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1242 +#: sssd-ldap.5.xml:1263 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -3687,17 +3712,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1248 +#: sssd-ldap.5.xml:1269 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1276 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1258 +#: sssd-ldap.5.xml:1279 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -3705,13 +3730,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1264 +#: sssd-ldap.5.xml:1285 msgid "" "You can turn off dereference lookups completely by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1289 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -3720,7 +3745,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1276 +#: sssd-ldap.5.xml:1297 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -3728,26 +3753,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1289 +#: sssd-ldap.5.xml:1310 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1292 +#: sssd-ldap.5.xml:1313 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1298 +#: sssd-ldap.5.xml:1319 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1323 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3755,7 +3780,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1309 +#: sssd-ldap.5.xml:1330 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -3763,7 +3788,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1315 +#: sssd-ldap.5.xml:1336 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -3771,41 +3796,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1321 +#: sssd-ldap.5.xml:1342 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1346 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1331 +#: sssd-ldap.5.xml:1352 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1334 +#: sssd-ldap.5.xml:1355 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398 +#: sssd-ldap.5.xml:1360 sssd-ldap.5.xml:1378 sssd-ldap.5.xml:1419 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1346 +#: sssd-ldap.5.xml:1367 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1349 +#: sssd-ldap.5.xml:1370 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -3814,32 +3839,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1364 +#: sssd-ldap.5.xml:1385 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1367 +#: sssd-ldap.5.xml:1388 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1377 +#: sssd-ldap.5.xml:1398 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1401 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1389 +#: sssd-ldap.5.xml:1410 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1392 +#: sssd-ldap.5.xml:1413 msgid "" "Specifies acceptable cipher suites. Typically this is a colon sperated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -3847,24 +3872,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1405 +#: sssd-ldap.5.xml:1426 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1408 +#: sssd-ldap.5.xml:1429 msgid "" "Specifies that the id_provider connection must also use <systemitem class=" "\"protocol\">tls</systemitem> to protect the channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1418 +#: sssd-ldap.5.xml:1439 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1421 +#: sssd-ldap.5.xml:1442 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -3872,17 +3897,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1448 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1437 +#: sssd-ldap.5.xml:1458 msgid "ldap_min_id, ldap_max_id (interger)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1440 +#: sssd-ldap.5.xml:1461 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -3893,29 +3918,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1452 +#: sssd-ldap.5.xml:1473 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1458 +#: sssd-ldap.5.xml:1479 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1461 +#: sssd-ldap.5.xml:1482 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1471 +#: sssd-ldap.5.xml:1492 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1474 +#: sssd-ldap.5.xml:1495 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory. " @@ -3924,17 +3949,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1482 +#: sssd-ldap.5.xml:1503 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1488 +#: sssd-ldap.5.xml:1509 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1491 +#: sssd-ldap.5.xml:1512 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -3942,49 +3967,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1497 +#: sssd-ldap.5.xml:1518 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1503 +#: sssd-ldap.5.xml:1524 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1506 +#: sssd-ldap.5.xml:1527 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1511 +#: sssd-ldap.5.xml:1532 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1538 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1520 +#: sssd-ldap.5.xml:1541 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1523 +#: sssd-ldap.5.xml:1544 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1529 +#: sssd-ldap.5.xml:1550 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1532 +#: sssd-ldap.5.xml:1553 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -3992,27 +4017,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1565 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1568 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1551 sssd-ad.5.xml:294 +#: sssd-ldap.5.xml:1572 sssd-ad.5.xml:311 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1557 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1578 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1560 +#: sssd-ldap.5.xml:1581 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -4024,7 +4049,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1572 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1593 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -4032,7 +4057,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1577 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1598 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -4040,39 +4065,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1586 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1607 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1589 +#: sssd-ldap.5.xml:1610 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1592 +#: sssd-ldap.5.xml:1613 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1598 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 +#: sssd-ldap.5.xml:1619 sssd-ipa.5.xml:386 sssd-krb5.5.xml:453 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1601 +#: sssd-ldap.5.xml:1622 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1613 sssd-krb5.5.xml:468 +#: sssd-ldap.5.xml:1634 sssd-krb5.5.xml:468 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 sssd-krb5.5.xml:471 +#: sssd-ldap.5.xml:1637 sssd-krb5.5.xml:471 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -4082,7 +4107,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1627 sssd-krb5.5.xml:482 +#: sssd-ldap.5.xml:1648 sssd-krb5.5.xml:482 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -4090,26 +4115,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1641 +#: sssd-ldap.5.xml:1662 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1644 +#: sssd-ldap.5.xml:1665 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1649 +#: sssd-ldap.5.xml:1670 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1654 +#: sssd-ldap.5.xml:1675 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -4117,7 +4142,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1681 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -4125,31 +4150,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1669 +#: sssd-ldap.5.xml:1690 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1677 +#: sssd-ldap.5.xml:1698 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1680 +#: sssd-ldap.5.xml:1701 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1684 +#: sssd-ldap.5.xml:1705 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1689 +#: sssd-ldap.5.xml:1710 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -4158,56 +4183,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1703 +#: sssd-ldap.5.xml:1724 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1706 +#: sssd-ldap.5.xml:1727 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1710 +#: sssd-ldap.5.xml:1731 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1716 +#: sssd-ldap.5.xml:1737 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1719 +#: sssd-ldap.5.xml:1740 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1724 +#: sssd-ldap.5.xml:1745 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1730 +#: sssd-ldap.5.xml:1751 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1754 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1745 +#: sssd-ldap.5.xml:1766 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1748 +#: sssd-ldap.5.xml:1769 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -4218,12 +4243,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1760 sssd-ldap.5.xml:2354 +#: sssd-ldap.5.xml:1781 sssd-ldap.5.xml:2375 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1763 +#: sssd-ldap.5.xml:1784 #, no-wrap msgid "" "access_provider = ldap\n" @@ -4232,14 +4257,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1767 +#: sssd-ldap.5.xml:1788 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1772 +#: sssd-ldap.5.xml:1793 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -4248,24 +4273,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1780 sssd-ldap.5.xml:1837 +#: sssd-ldap.5.xml:1801 sssd-ldap.5.xml:1858 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1786 +#: sssd-ldap.5.xml:1807 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1789 +#: sssd-ldap.5.xml:1810 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1793 +#: sssd-ldap.5.xml:1814 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -4273,19 +4298,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1800 +#: sssd-ldap.5.xml:1821 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1803 +#: sssd-ldap.5.xml:1824 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1808 +#: sssd-ldap.5.xml:1829 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -4294,7 +4319,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1815 +#: sssd-ldap.5.xml:1836 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -4302,7 +4327,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1842 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -4311,7 +4336,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1830 +#: sssd-ldap.5.xml:1851 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -4319,108 +4344,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1843 +#: sssd-ldap.5.xml:1864 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1846 +#: sssd-ldap.5.xml:1867 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1850 +#: sssd-ldap.5.xml:1871 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1853 +#: sssd-ldap.5.xml:1874 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1857 +#: sssd-ldap.5.xml:1878 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1883 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1887 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1869 +#: sssd-ldap.5.xml:1890 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1876 +#: sssd-ldap.5.xml:1897 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1879 +#: sssd-ldap.5.xml:1900 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1905 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1888 +#: sssd-ldap.5.xml:1909 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1893 +#: sssd-ldap.5.xml:1914 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1898 +#: sssd-ldap.5.xml:1919 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1903 +#: sssd-ldap.5.xml:1924 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1911 +#: sssd-ldap.5.xml:1932 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1914 +#: sssd-ldap.5.xml:1935 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1918 +#: sssd-ldap.5.xml:1939 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -4431,7 +4456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1929 +#: sssd-ldap.5.xml:1950 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -4449,213 +4474,213 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1945 +#: sssd-ldap.5.xml:1966 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1949 +#: sssd-ldap.5.xml:1970 msgid "ldap_sudorule_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1973 msgid "The object class of a sudo rule entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1955 +#: sssd-ldap.5.xml:1976 msgid "Default: sudoRole" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1961 +#: sssd-ldap.5.xml:1982 msgid "ldap_sudorule_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1964 +#: sssd-ldap.5.xml:1985 msgid "The LDAP attribute that corresponds to the sudo rule name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1995 msgid "ldap_sudorule_command (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1977 +#: sssd-ldap.5.xml:1998 msgid "The LDAP attribute that corresponds to the command name." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1981 +#: sssd-ldap.5.xml:2002 msgid "Default: sudoCommand" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1987 +#: sssd-ldap.5.xml:2008 msgid "ldap_sudorule_host (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1990 +#: sssd-ldap.5.xml:2011 msgid "" "The LDAP attribute that corresponds to the host name (or host IP address, " "host IP network, or host netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1995 +#: sssd-ldap.5.xml:2016 msgid "Default: sudoHost" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2001 +#: sssd-ldap.5.xml:2022 msgid "ldap_sudorule_user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2004 +#: sssd-ldap.5.xml:2025 msgid "" "The LDAP attribute that corresponds to the user name (or UID, group name or " "user's netgroup)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2008 +#: sssd-ldap.5.xml:2029 msgid "Default: sudoUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2014 +#: sssd-ldap.5.xml:2035 msgid "ldap_sudorule_option (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2017 +#: sssd-ldap.5.xml:2038 msgid "The LDAP attribute that corresponds to the sudo options." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2021 +#: sssd-ldap.5.xml:2042 msgid "Default: sudoOption" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2027 +#: sssd-ldap.5.xml:2048 msgid "ldap_sudorule_runasuser (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2030 +#: sssd-ldap.5.xml:2051 msgid "" "The LDAP attribute that corresponds to the user name that commands may be " "run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2034 +#: sssd-ldap.5.xml:2055 msgid "Default: sudoRunAsUser" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2040 +#: sssd-ldap.5.xml:2061 msgid "ldap_sudorule_runasgroup (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2043 +#: sssd-ldap.5.xml:2064 msgid "" "The LDAP attribute that corresponds to the group name or group GID that " "commands may be run as." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2047 +#: sssd-ldap.5.xml:2068 msgid "Default: sudoRunAsGroup" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2053 +#: sssd-ldap.5.xml:2074 msgid "ldap_sudorule_notbefore (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2056 +#: sssd-ldap.5.xml:2077 msgid "" "The LDAP attribute that corresponds to the start date/time for when the sudo " "rule is valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2060 +#: sssd-ldap.5.xml:2081 msgid "Default: sudoNotBefore" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2066 +#: sssd-ldap.5.xml:2087 msgid "ldap_sudorule_notafter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2069 +#: sssd-ldap.5.xml:2090 msgid "" "The LDAP attribute that corresponds to the expiration date/time, after which " "the sudo rule will no longer be valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2074 +#: sssd-ldap.5.xml:2095 msgid "Default: sudoNotAfter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2080 +#: sssd-ldap.5.xml:2101 msgid "ldap_sudorule_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2083 +#: sssd-ldap.5.xml:2104 msgid "The LDAP attribute that corresponds to the ordering index of the rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2087 +#: sssd-ldap.5.xml:2108 msgid "Default: sudoOrder" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2093 +#: sssd-ldap.5.xml:2114 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2096 +#: sssd-ldap.5.xml:2117 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2101 +#: sssd-ldap.5.xml:2122 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2106 +#: sssd-ldap.5.xml:2127 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2112 +#: sssd-ldap.5.xml:2133 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2115 +#: sssd-ldap.5.xml:2136 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest USN " @@ -4663,106 +4688,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2121 +#: sssd-ldap.5.xml:2142 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2131 +#: sssd-ldap.5.xml:2152 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2134 +#: sssd-ldap.5.xml:2155 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2145 +#: sssd-ldap.5.xml:2166 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2148 +#: sssd-ldap.5.xml:2169 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2153 +#: sssd-ldap.5.xml:2174 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2158 sssd-ldap.5.xml:2181 sssd-ldap.5.xml:2199 -#: sssd-ldap.5.xml:2217 +#: sssd-ldap.5.xml:2179 sssd-ldap.5.xml:2202 sssd-ldap.5.xml:2220 +#: sssd-ldap.5.xml:2238 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2163 sssd-ldap.5.xml:2186 +#: sssd-ldap.5.xml:2184 sssd-ldap.5.xml:2207 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2169 +#: sssd-ldap.5.xml:2190 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2172 +#: sssd-ldap.5.xml:2193 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2177 +#: sssd-ldap.5.xml:2198 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2192 +#: sssd-ldap.5.xml:2213 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2195 +#: sssd-ldap.5.xml:2216 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2210 +#: sssd-ldap.5.xml:2231 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2213 +#: sssd-ldap.5.xml:2234 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1947 +#: sssd-ldap.5.xml:1968 msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2229 +#: sssd-ldap.5.xml:2250 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -4771,76 +4796,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2239 +#: sssd-ldap.5.xml:2260 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2241 +#: sssd-ldap.5.xml:2262 msgid "" "Please note that the default values correspond to the default schema which " "is RFC2307." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2247 +#: sssd-ldap.5.xml:2268 msgid "ldap_autofs_map_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2250 sssd-ldap.5.xml:2276 +#: sssd-ldap.5.xml:2271 sssd-ldap.5.xml:2297 msgid "The object class of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2253 sssd-ldap.5.xml:2280 +#: sssd-ldap.5.xml:2274 sssd-ldap.5.xml:2301 msgid "Default: automountMap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2260 +#: sssd-ldap.5.xml:2281 msgid "ldap_autofs_map_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2263 +#: sssd-ldap.5.xml:2284 msgid "The name of an automount map entry in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2266 +#: sssd-ldap.5.xml:2287 msgid "Default: ou" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2273 +#: sssd-ldap.5.xml:2294 msgid "ldap_autofs_entry_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2287 +#: sssd-ldap.5.xml:2308 msgid "ldap_autofs_entry_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2290 sssd-ldap.5.xml:2304 +#: sssd-ldap.5.xml:2311 sssd-ldap.5.xml:2325 msgid "" "The key of an automount entry in LDAP. The entry usually corresponds to a " "mount point." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2301 +#: sssd-ldap.5.xml:2322 msgid "ldap_autofs_entry_value (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2308 +#: sssd-ldap.5.xml:2329 msgid "Default: automountInformation" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2245 +#: sssd-ldap.5.xml:2266 msgid "" "<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type=" "\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> " @@ -4849,46 +4874,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2318 +#: sssd-ldap.5.xml:2339 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2325 +#: sssd-ldap.5.xml:2346 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2330 +#: sssd-ldap.5.xml:2351 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2335 +#: sssd-ldap.5.xml:2356 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2340 +#: sssd-ldap.5.xml:2361 msgid "ldap_user_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2343 +#: sssd-ldap.5.xml:2364 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict user searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2347 +#: sssd-ldap.5.xml:2368 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_user_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:2357 +#: sssd-ldap.5.xml:2378 #, no-wrap msgid "" " ldap_user_search_filter = (loginShell=/bin/tcsh)\n" @@ -4896,43 +4921,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2360 +#: sssd-ldap.5.xml:2381 msgid "" "This filter would restrict user searches to users that have their shell set " "to /bin/tcsh." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2367 +#: sssd-ldap.5.xml:2388 msgid "ldap_group_search_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2370 +#: sssd-ldap.5.xml:2391 msgid "" "This option specifies an additional LDAP search filter criteria that " "restrict group searches." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:2374 +#: sssd-ldap.5.xml:2395 msgid "" "This option is <emphasis>deprecated</emphasis> in favor of the syntax used " "by ldap_group_search_base." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2384 +#: sssd-ldap.5.xml:2405 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:2389 +#: sssd-ldap.5.xml:2410 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2320 +#: sssd-ldap.5.xml:2341 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -4940,7 +4965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2406 +#: sssd-ldap.5.xml:2427 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -4948,7 +4973,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:2412 +#: sssd-ldap.5.xml:2433 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -4961,20 +4986,20 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2411 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 -#: sssd-ad.5.xml:365 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 +#: sssd-ldap.5.xml:2432 sssd-simple.5.xml:139 sssd-ipa.5.xml:767 +#: sssd-ad.5.xml:382 sssd-sudo.5.xml:56 sssd-sudo.5.xml:98 sssd-krb5.5.xml:528 #: include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2424 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:380 +#: sssd-ldap.5.xml:2445 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:397 #: sssd.8.xml:191 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2426 +#: sssd-ldap.5.xml:2447 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -5409,7 +5434,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:116 sssd-ad.5.xml:231 +#: sssd-ipa.5.xml:116 sssd-ad.5.xml:248 msgid "dyndns_update (boolean)" msgstr "" @@ -5424,7 +5449,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:128 sssd-ad.5.xml:245 +#: sssd-ipa.5.xml:128 sssd-ad.5.xml:262 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -5439,12 +5464,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:145 sssd-ad.5.xml:256 +#: sssd-ipa.5.xml:145 sssd-ad.5.xml:273 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:148 sssd-ad.5.xml:259 +#: sssd-ipa.5.xml:148 sssd-ad.5.xml:276 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -5465,12 +5490,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:165 sssd-ad.5.xml:270 +#: sssd-ipa.5.xml:165 sssd-ad.5.xml:287 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:168 sssd-ad.5.xml:273 +#: sssd-ipa.5.xml:168 sssd-ad.5.xml:290 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "whose IP address should be used for dynamic DNS updates." @@ -5512,12 +5537,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:211 sssd-ad.5.xml:284 +#: sssd-ipa.5.xml:211 sssd-ad.5.xml:301 msgid "dyndns_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:214 sssd-ad.5.xml:287 +#: sssd-ipa.5.xml:214 sssd-ad.5.xml:304 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -5525,12 +5550,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:227 sssd-ad.5.xml:300 +#: sssd-ipa.5.xml:227 sssd-ad.5.xml:317 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:230 sssd-ad.5.xml:303 +#: sssd-ipa.5.xml:230 sssd-ad.5.xml:320 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -5549,19 +5574,19 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:247 sssd-ad.5.xml:314 +#: sssd-ipa.5.xml:247 sssd-ad.5.xml:331 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:250 sssd-ad.5.xml:317 +#: sssd-ipa.5.xml:250 sssd-ad.5.xml:334 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:254 sssd-ad.5.xml:321 +#: sssd-ipa.5.xml:254 sssd-ad.5.xml:338 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" @@ -5664,7 +5689,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:364 sssd-ad.5.xml:341 +#: sssd-ipa.5.xml:364 sssd-ad.5.xml:358 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." @@ -6281,7 +6306,7 @@ msgstr "" #: sssd-ad.5.xml:175 msgid "" "This option specifies LDAP access control filter that the user must match in " -"order to be allowed access. Please note that the <quote>access_filter</" +"order to be allowed access. Please note that the <quote>access_provider</" "quote> option must be explicitly set to <quote>ad</quote> in order for this " "option to have an effect." msgstr "" @@ -6342,9 +6367,23 @@ msgstr "" msgid "Default: Not set" msgstr "默认: 3" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ad.5.xml:231 +msgid "ad_enable_gc (boolean)" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:234 msgid "" +"By default, the SSSD connects to the Global Catalog first to retrieve users " +"and uses the LDAP port to retrieve group memberships or as a fallback. " +"Disabling this option makes the SSSD only connect to the LDAP port of the " +"current AD server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:251 +msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " "secured using GSS-TSIG. As a consequence, the Active Directory administrator " @@ -6354,29 +6393,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:264 +#: sssd-ad.5.xml:281 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:278 +#: sssd-ad.5.xml:295 msgid "Default: Use the IP address of the AD LDAP connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:329 sssd-krb5.5.xml:496 +#: sssd-ad.5.xml:346 sssd-krb5.5.xml:496 msgid "krb5_use_enterprise_principal (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:332 sssd-krb5.5.xml:499 +#: sssd-ad.5.xml:349 sssd-krb5.5.xml:499 msgid "" "Specifies if the user principal should be treated as enterprise principal. " "See section 5 of RFC 6806 for more details about enterprise principals." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:359 +#: sssd-ad.5.xml:376 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -6384,7 +6423,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:366 +#: sssd-ad.5.xml:383 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -6399,7 +6438,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:386 +#: sssd-ad.5.xml:403 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6408,7 +6447,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:382 +#: sssd-ad.5.xml:399 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -6416,7 +6455,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:392 +#: sssd-ad.5.xml:409 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>." -- cgit